Netgate Discussion Forum

    Shell creation of VLAN Interfaces, assign names, create firewall rules, add dhcp

      michael_samer

      Hello all
      I'm currently facing the order to create new VLANs on a regular basis (on one host NIC). With any VLAN comes creation of a static firewall ruleset, adding DHCP + DNS + NTP to it and naming the function accordingly.
      Because I create the VLANs (trunking and co) via SSH on the switches, it would be great (and save me about 15 min of work) to do such standard work via shell. I found a lot of ways via GUI, but for such tasks I find shell perfect and it's quite more error-prone than doing it manually.
      I'm using V2.4.1 on a XG2758.
      Is there a description/documentation of how to do the GUI stuff via shell?
      Currently it runs this way:
      a) creation of the VLAN interface and assign the right NIC
      b) enable the interface and assign IP/name/Stat. IP/limit it to IPv4
      c) create 3 basic FW rules (one with an alias)
      d) enable DHCP, setting ranges, assign suffix+name
      e) enable DNS Resolver for that VLAN
      f) enable NTP for that VLAN

      Cheers
      Michael

        michael_samer

        Hi folks
        is this the wrong focus group or is this shell creation stuff so unusual?
        Cheers
        Michael

          SammyWoo

          Unusual? Don't know, but I had a Cisco certification (now expired) but hated CLI; call me a "picture" guy, I'd much rather point and click.

          Found THIS: https://doc.pfsense.org/index.php/Using_the_PHP_pfSense_Shell

            michael_samer

            Hello SammyWoo
            Then you will remember the reverse-poisoning just as well as the split-horizon. My CSA is long ago (2001) and I surely forgot all the nuts and bolts. GUI dominates (everywhere), no question about it.
            The CLI is great for redoing complex tasks. In the past, small failures (TCP instead of UDP forwarding, x-address instead of x-network used, …) in the FW rules occurred, the naming was not the standard, DNS was forgotten or the DNS search suffix was wrong (we have about 150 VLANs now and still growing fast ...). Shell scripts shall help make it easier to administrate.
            The PHP Shell is surely the way it should go, but the syntax is quite well hidden/not documented. Is there a -vvv version available or (more to my liking) examples? The FW rules seem not to be mentioned there at all.

            Cheers and thanks for the startup!
            Michael

              michael_samer

              Hi folks
              again: is there a more expanded or sampled php_shell explanation?
              Important is the
              -VLAN creation
              -assigning VLAN+Naming it
              -enable DHCP+setting the right suffixes
              -enable NTP
              -enable DNS
              -copy or create FW rule set

              Cheers
              Michael
