Is it possible to create firewall rules in PfSense by script or with an API ?
-
I'am working on a virtualisation project (with VMWARE ESX) where we deploy all servers (OS and specific software) and network components (VLAN, Load-Balancing Rules, …) automatically by script. But we don't have solution for the firewalls.
I'am looking for a firewall with an API to enable the creation of new rules by script from outside the PfSense machine.
Is there a way to do that with PfSense ?
Thanks
-
from outside the PfSense machine.
That will be the part that gets you.
There are ways to create rules, but none that I would call an "API" and certainly not anything meant to be called remotely.
You can look at the recent additions to the dashboard package, the "Easy Rule" stuff, for some pointers, but that still isn't something I'd recommend implementing in an automated fashion.
-
May be creating config.xml off-site, pushing it into pfSense and reloading config?
config.xml has very straightforward syntax. -
Thank you for these answers.
Il will try the new dashboard package.And about modifying config.xml and reloading the config, do you know if, when you reload the config , the current sessions will be cut or not ?
-
IMHO uploading a changed config.xml requires a reboot.
I tend to believe that current sessions will be cut then. :)Another route to go might be the centralized management interface that popped up as a bounty several times already and never was finished. I think it's withdrawn but look in the bounty section.
