Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Is it possible to create firewall rules in PfSense by script or with an API ?

    Firewalling
    4
    5
    8.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      prospy
      last edited by

      I'am working on a virtualisation project (with VMWARE ESX) where we deploy all servers (OS and specific software) and network components (VLAN, Load-Balancing Rules, …) automatically by script. But we don't have solution for the firewalls.

      I'am looking for a firewall with an API to enable the creation of new rules by script from outside the PfSense machine.

      Is there a way to do that with PfSense ?

      Thanks

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        @prospy:

        from outside the PfSense machine.

        That will be the part that gets you.

        There are ways to create rules, but none that I would call an "API" and certainly not anything meant to be called remotely.

        You can look at the recent additions to the dashboard package, the "Easy Rule" stuff, for some pointers, but that still isn't something I'd recommend implementing in an automated fashion.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • E
          Eugene
          last edited by

          May be creating config.xml off-site, pushing it into pfSense and reloading config?
          config.xml has very straightforward syntax.

          http://ru.doc.pfsense.org

          1 Reply Last reply Reply Quote 0
          • P
            prospy
            last edited by

            Thank you for these answers.
            Il will try the new dashboard package.

            And about modifying config.xml and reloading the config, do you know if, when you reload the config , the current sessions will be cut or not ?

            1 Reply Last reply Reply Quote 0
            • jahonixJ
              jahonix
              last edited by

              IMHO uploading a changed config.xml requires a reboot.
              I tend to believe that current sessions will be cut then.  :)

              Another route to go might be the centralized management interface that popped up as a bounty several times already and never was finished. I think it's withdrawn but look in the bounty section.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.