Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
18.7 Legacy Series
(Moderator:
fabian
) »
<SOLVED> Help needed for firewall API and creating Aliases<
« previous
next »
Print
Pages: [
1
]
Author
Topic: <SOLVED> Help needed for firewall API and creating Aliases< (Read 228 times)
The_Sage
Newbie
Posts: 45
Karma: 4
<SOLVED> Help needed for firewall API and creating Aliases<
«
on:
December 28, 2018, 12:36:49 am »
Thanks for taking time to read this.
I am trying to add an alias using the Firewall API. I can get a list of aliases, and a list of values for an alias so I have the curl set properly.
$key ="key";
$secret = "secret";
$url = "
https://OPNsense.gateway/api/firewall/alias/addItem/xyzzy
";
$handle = curl_init($url);
curl_setopt_array($handle,
array(
CURLOPT_USERPWD => "$key:$secret",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_POSTFIELDS => "", // Tried with this line out as well
CURLOPT_POST => true,
)
);
My issue occurs when trying to add an Alias using the above code. (I am stepping out of comfort zone here ), but I have traced the calls back to the
/usr/local/opnsense/mvc/app/controllers/OPNsense/Base/ApiMutableModelControllerBase.php
And added some extra results to see where (??) the process is failing.
from the lines here in the addBase function,
$result = array("result" => "failed");
if ($this->request->isPost() && $this->request->hasPost($post_field)) {
hasPost($post_field) is NULL or empty from results
error =: (No curl error)
result => {
"result":"failed 1st step addbase //renamed result to see output
$isPost :alias // $post_fields var
Is req. : 1 // $this->request->isPost()
has post : // $this->request->hasPost()
"}
I am probably barking up the wrong tree, but can someone point me in the right direction please. I am sure the API is OK, and I am sure there is something in my code.
Thanks
the Sage !!
«
Last Edit: December 29, 2018, 04:51:41 am by The_Sage
»
Logged
The_Sage
Newbie
Posts: 45
Karma: 4
Re: Help needed for firewall API and creating Aliases
«
Reply #1 on:
December 28, 2018, 11:21:20 pm »
Maybe in other words, the comment in the code
/**
* Add new alias and
set with attributes from post
* @return array save result + validation output
* @throws \OPNsense\Base\ModelException when not bound to model
* @throws \Phalcon\Validation\Exception when field validations fail
* @throws \ReflectionException when not bound to model
*/
What are the "set with attributes from post" meant to be. Are they the same as the attributes from getItem ?
Can anyone provide the correct syntax for the addItem method.
Logged
The_Sage
Newbie
Posts: 45
Karma: 4
<Solved> Help needed for firewall API and creating Aliases
«
Reply #2 on:
December 29, 2018, 04:51:00 am »
Thanks for taking time to read this and I hope this can help out someone else.
After 2 days of trial and lots of error I have worked out the correct code and the correct POST variables.
I added echo checks during the code flow and realised that the MODEL for the API is in the directory
/usr/local/opnsense/mvc/app/models/OPNsense/"API"/Alias.xml
This shows the required fields for AddAction
So for the firewall, Add alias API call i used the following code.
<?php
$key ="
key
";
$secret = "
secret
";
// This is the 4 REQUIRED fields for successful Alias addition
$post_data = '{"alias": { "name": "xyzzy", "content": "192.168.5.5", "enabled" : "1", "type" : "host"}}';
//
// Can also add "description": "My NEW Alias descritpion"
//
$url = '
https://my.secure.gateway/api/firewall/alias/addItem/xyzzy';
$headers = array();
$headers[] = "Content-Type: application/json";
$handle = curl_init();
curl_setopt_array($handle,
array(
CURLOPT_URL => $url,
CURLOPT_USERPWD => "$key:$secret",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POSTFIELDS => $data,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => $headers,
)
);
$result = curl_exec($handle);
echo "Result => " . $result ;
curl_close($handle);
/>
Logged
guest19757
Guest
Re: <SOLVED> Help needed for firewall API and creating Aliases<
«
Reply #3 on:
January 01, 2019, 03:40:20 am »
Hello there,
Out of curiousity, isn't the API documented? Does opnsense developers officially support accessing the API remotely? In fact, IIRC, one of reasons why I chosen opnsense, though, if the API isn't documented, this seems tedious no?
Regards
Logged
The_Sage
Newbie
Posts: 45
Karma: 4
Re: <SOLVED> Help needed for firewall API and creating Aliases<
«
Reply #4 on:
January 01, 2019, 03:51:09 am »
As far as I can tell, most of OPNSense API is documented. BUT the firewall modules still use legacy code (can't find the link to info) So to make a great product even better, the guys have started with the Aliases first, then I think they move on to the actual firewall itself. So, therefore, this API is NOT documented yet. The article mentions following the code to find how it works. I posted what I could work out hoping it may help someone until the conversion is finished.
I still have a problem with the FLUSH table API call it comes back DONE but nothing is deleted and with creating an empty Alias and trying to add an IP address to it.
I will wait in anticipation for future developments from the team.
Keep up the good work team.
Logged
guest19757
Guest
Re: <SOLVED> Help needed for firewall API and creating Aliases<
«
Reply #5 on:
January 01, 2019, 03:57:36 am »
Oh okay, I haven't begun any work on testing API, this is just for Hobby testing, I'll keep that in mind when I get around to it. Though, I wonder how easy it is setup a development environment with opensense code base.
Thanks for info.
Regards
Logged
The_Sage
Newbie
Posts: 45
Karma: 4
Re: <SOLVED> Help needed for firewall API and creating Aliases<
«
Reply #6 on:
January 01, 2019, 03:59:51 am »
I use JetBrains PHPStorm, but it is best to quiz the devs.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
18.7 Legacy Series
(Moderator:
fabian
) »
<SOLVED> Help needed for firewall API and creating Aliases<