pfSense API?

  • I have been wanting to automate certain tasks on pfSense. Some of the tasks like firewall rules can be controlled via Schedules; however, there are other use cases where public APIs access into pfSense would be awesome. Two such scenarios, among others, I can think of are:

    • Automate VPN Connections: I would like to switch my VPN provider servers on a daily basis. My OpenVPN config currently has a static entry for the server host. I would like to 1) Stop VPN Client 2) Change server host entry 3) Start VPN Client without manually changing the entry. For example, every day at 11 pm, switch to one of the servers in the "server list". How to best accomplish this task? Should it be scripted so that the script calls the appropriate PHP code and passes in the arguments? Or are there any pfSense APIs to accomplish similar tasks?

    • I've been thinking about an extensible iOS app that would allow native pfSense management capabilities (instead of using a browser-based interaction on a smartphone). What would be nice is to have a baseline/most common management activities and then custom controls that can be added by the user.

    For now, I need a quick & dirty way of controlling my/changing my VPN configuration to reflect new VPN provider servers. What's the best way?

  • Hi,

    The question is known . Check pfsense API.
    Not something for tomorrow, it's a huge job, and needs an entire GUI internal rewrite (like the GUI will be using also the API to handle ALL settings).

    HP code and passes in the arguments? A huge hassle I guess.
    A local scripts that read the concerned VPN section in the config file, changes, sets the Disable flag for one VPN server, and resets (removes) the same flag for another server. The write back your changes. Then a "reload_filters".
    Maybe you should stop the VPN server first - do what I said above, and start VPN.

Log in to reply