4. Shell creation of VLAN Interfaces, assign names, create firewall rules, add dhcp

Shell creation of VLAN Interfaces, assign names, create firewall rules, add dhcp

  • M

    Hello all
    I'm currently facing the order to create new VLANs on a regular basis (on one host NIC). With any VLAN comes creation of a static firewall ruleset, adding dhcp + dns + ntp to it and name the function accordingly.
    Because I create the VLANs (Trunking and co) via ssh on the switches it would be great (and saves me about 15 min work) to do such a standard work via shell. I found a lot of ways via GUI, but for such tasks I find shell perfect and it's quite more errorprone than doing it manual.
    I'm using V2.4.1 on a XG2758.
    Is there a discription/docu how to do the GUI Stuff via shell?
    Currently it runs this way:
    a) creation of the VLAN Interface and assign the right NIC
    b) enable the Interface and assign IP/name/Stat. IP/Limit it to IPv4
    c) create 3 basic FW rules (one with an Alias)
    d) enable DHCP, setting ranges, assign suffix+name
    e) enable DNS Resolver for than VLaN
    f) enable NTP  for than VLaN

    Cheers
    Michael

    0
  • M

    Hi folks
    is this the wrong focus group or is this shell creation stuff so unusual?
    Cheers
    Michael

    0

  • Unusual? Don't know but I had a Cisco certification now expired but hated CLI, call me a "picture" guy much rather point and click.

    Found THIS:  https://doc.pfsense.org/index.php/Using_the_PHP_pfSense_Shell

    0
  • M

    Hello SammyWoo
    then you will remember the reverse-poisoning just as well the split-hoizon. My CSA is long ago (2001) and I surely forgot all the nuts and bolts. GUI dominates (everywhere) no question about it.
    The CLI is great for redoing complex tasks. In the past small failures /TCP instead of UDP forwarding, x-address instaed of x-network used, …) in the FW rules accured, the naming was not the standard, DNS was forgotten or DNS search suffix wrong (we have about 150 VLANs now and still growing fast ...). Shell skripts shall help make it more easy to administrate it.
    The PHP Shell is surely the way it should go, but the syntax is quite well hidden/not documentated. Is there a -vvv Version available or (more to my likeing) examples? The FW rules seems not mentioned there at all.

    Cheers and thanks for the startup!
    Michael

    0
  • M

    Hi folks
    again: is there a more expanded or sampled php_shell explanation?
    Important is the
    -VLAN creation
    -assigning VLAN+Naming it
    -enable DHCP+setting the right suffixes
    -enable NTP
    -enable DNS
    -copy or create FW rule set

    Cheers
    Michael

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy