is there a way to make aliases set with /sbin/pfctl command persistent ?

[shade_ch]

Hello,

I have a script which updates an alias twice a day (it replaces its content with a list of IPs taken from various sources). The script and cron job both (seem to) work fine. I only have one issue: if the opnsense box is rebooted, the alias is empty, it does not keep the last values which have been set by the script.

Here is the last part of the script which updates the alias:

Code Select Expand


# Update table from temp file
RESULT=`/sbin/pfctl -t ${ALIAS_NAME} -T replace -f ${TMP_FILE} 2>&1`


Is there a way to make this persistent in order to not have an empty list after reboot ? Is there another problem (such as alias flush at reboot) ?

Thank you in advance!

[Maurice]

There is an API which you can use for handling aliases: https://docs.opnsense.org/development/api/core/firewall.html

Cheers
Maurice

[meyergru]

1. If you have a cron job which updates the tables, why don't you use an @reboot entry in crontab to call that update script on reboot as well?

2. If the file is from a URL, you could as well use one or more "URL Table (IPs)"-type alias(es).

[shade_ch]

There is an API which you can use for handling aliases: https://docs.opnsense.org/development/api/core/firewall.html

Cheers
Maurice

Once again, thanks a lot Maurice.

[shade_ch]

1. If you have a cron job which updates the tables, why don't you use an @reboot entry in crontab to call that update script on reboot as well?

2. If the file is from a URL, you could as well use one or more "URL Table (IPs)"-type alias(es).

Hi,
1. This is what I'm doing, but it's a workaround
2. No it isn't, it is built from multiple sources that are processed/filtered