• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

[SOLVED]Control webGUI via wget

Scheduled Pinned Locked Moved webGUI
5 Posts 2 Posters 1.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • H
    highc
    last edited by Jan 3, 2018, 7:54 AM Dec 24, 2017, 1:01 PM

    Hi,

    I'm trying to enable/disable a firewall rule via a script on another machine in the LAN here.

    Inspired by the docs https://doc.pfsense.org/index.php/Remote_Config_Backup, I have put the following together:

    wget -qO- --keep-session-cookies --save-cookies cookies.txt \
  --no-check-certificate https://192.168.1.1/diag_backup.php \
  | grep "name='__csrf_magic'" | sed 's/.*value="\(.*\)".*/\1/' > csrf.txt
wget -qO- --keep-session-cookies --load-cookies cookies.txt \
  --save-cookies cookies.txt --no-check-certificate \
  --post-data "login=Login&usernamefld=admin&passwordfld=pfsense&__csrf_magic=$(cat csrf.txt)" \
  https://192.168.1.1/firewall_rules.php  | grep "name='__csrf_magic'" \
  | sed 's/.*value="\(.*\)".*/\1/' > csrf2.txt
wget --keep-session-cookies --load-cookies cookies.txt --no-check-certificate \
  --post-data "if=opt1&act=toggle&id=106__csrf_magic=$(head -n 1 csrf2.txt)" \
  https://192.168.1.1/firewall_rules.php

    However, that doesn't quite do the trick, as I'm getting the following in response to the third wget:

    403 Forbidden
2017-12-24 13:58:39 ERROR 403: Forbidden.

    Not sure what the problem is?

    The link that works is https://192.168.1.1/firewall_rules.php?if=opt1&act=toggle&id=106

    Thanks for any hint!

    pfSense+ 24.03 on Netgate SG-2100 (replaced SG-2440)
    pfSense 2.6 on Super Micro 5018D-FN4T (retired)

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Dec 26, 2017, 3:22 PM

      Use the same page in all three requests. Your first command still hits diag_backup.php

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • H
        highc
        last edited by Dec 29, 2017, 2:33 PM

        Yes, sorry. That was left over from my various attempts to get it working. Also with firewall_rules.php in the first command, I get error 403.

        pfSense+ 24.03 on Netgate SG-2100 (replaced SG-2440)
        pfSense 2.6 on Super Micro 5018D-FN4T (retired)

        1 Reply Last reply Reply Quote 0
        • J
          jimp Rebel Alliance Developer Netgate
          last edited by Jan 2, 2018, 7:16 PM

          You are also missing a & between the ID and the csrf parameters in the third command.

          Plus you'll need to apply changes.

          This works:

          wget -qO- --keep-session-cookies --save-cookies cookies.txt \
  --no-check-certificate https://192.168.1.1/firewall_rules.php \
  | grep "name='__csrf_magic'" | sed 's/.*value="\(.*\)".*/\1/' > csrf.txt
wget -qO- --keep-session-cookies --load-cookies cookies.txt \
  --save-cookies cookies.txt --no-check-certificate \
  --post-data "login=Login&usernamefld=admin&passwordfld=pfsense&__csrf_magic=$(cat csrf.txt)" \
  https://192.168.1.1/firewall_rules.php  | grep "name='__csrf_magic'" \
  | sed 's/.*value="\(.*\)".*/\1/' > csrf2.txt
wget -qO- --keep-session-cookies --load-cookies cookies.txt --no-check-certificate \
  --post-data "if=opt1&act=toggle&id=28&__csrf_magic=$(tail -n 1 csrf2.txt)" \
  https://192.168.1.1/firewall_rules.php | grep "name='__csrf_magic'" \
  | sed 's/.*value="\(.*\)".*/\1/' > csrf3.txt
wget -q --keep-session-cookies --load-cookies cookies.txt --no-check-certificate \
  --post-data "apply=Apply%20Changes&__csrf_magic=$(tail -n 1 csrf3.txt)" \
  https://192.168.1.1/firewall_rules.php -O /dev/null

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • H
            highc
            last edited by Jan 3, 2018, 7:54 AM

            Indeed, that works - thank you!

            I had thought I'd need to apply changes to the rules by running /etc/rc.filter_configure via ssh, but this is even simpler.

            pfSense+ 24.03 on Netgate SG-2100 (replaced SG-2440)
            pfSense 2.6 on Super Micro 5018D-FN4T (retired)

            1 Reply Last reply Reply Quote 0
            5 out of 5
            • First post
              5/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received