Can you enter firewall rules from command line (for injection from eleswhere)



  • We use pfSense as our firewall and would like to configure our DHCP/DNS registration system to inject firewall rules into pfSense when we set up a new device.

    Is there some kind of command line (or other) way of injecting a firewall rule that doesn't involve manually using the web interface?  (Maybe some long php string that we can pass directly to the web server?)


  • Rebel Alliance Developer Netgate

    There isn't an API for doing such things as it is.

    Though if you look at the easyrule code in 2.0 you can see how it could be done for the simple case of adding firewall rules (though deleting them would be much more difficult!)



  • @jimp:

    There isn't an API for doing such things as it is.

    Though if you look at the easyrule code in 2.0 you can see how it could be done for the simple case of adding firewall rules (though deleting them would be much more difficult!)

    pfSense 2.0?  Any idea of when we might expect that?


  • Rebel Alliance Developer Netgate

    We keep saying RC1 will drop any day now… So hopefully soon. :-)


Locked