Netgate Discussion Forum

    Reload firewall rules via SSH

    • KarboN

      Hello,

      I've been spending my afternoon writing a small script in Python in order to automate some operations regarding pfSense and my home network.  The script is executed on a machine other than the pfSense gateway.

      Basically what I'm doing:

      • Get the IP from an OpenVPN tunnel interface (parsed from the SSH greetings)
      • Generate a port number from that address
      • SCP the config.xml file pfSense -> machine
      • Replace the port in an existing NAT rule (config.xml)
      • Replace the port in an existing filter rule (config.xml)
      • Do some other call on another system in order to configure that port
      • SCP the config.xml file machine -> pfSense
      • rm -Rf /tmp/config.cache on pfSense

      Things are going fine, for the most part, but the firewall rule doesn't seem to apply until I go into the webConfigurator and force a reload of the rules.  I've found this: http://doc.pfsense.org/index.php/How_can_I_reload_the_config_after_manually_editing_config.xml%3F, giving me a path to a solution.  Needless to say, I'd like to avoid writing HTTP calls and managing the authentication for that very simple call.  Is there anything I can call through SSH that would do the same thing?

      FYI: I'm using a snapshot of pfSense 2.1

      Thanks in advance,

      • jimp Rebel Alliance Developer Netgate

        /etc/rc.filter_configure

        • KarboN

          That seems the only part that was missing.  Thanks a lot!
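
The config.xml edit and reload steps from this thread, as an added Python example that is not code from either poster. The XML element names, rule descriptions, sample config and ssh options are assumptions; the port is passed in because the thread does not say how it is derived.

```python
import xml.etree.ElementTree as ET

# Constructed sample; element names are modelled on a pfSense config.xml
# and are an assumption, not taken from the thread.
SAMPLE_CONFIG = """<pfsense>
  <nat>
    <rule>
      <destination><network>wanip</network><port>40000</port></destination>
      <target>192.0.2.10</target>
      <local-port>40000</local-port>
      <descr>vpn-forward</descr>
    </rule>
  </nat>
  <filter>
    <rule>
      <destination><address>192.0.2.10</address><port>40000</port></destination>
      <descr>NAT vpn-forward</descr>
    </rule>
    <rule>
      <destination><any/><port>22</port></destination>
      <descr>ssh</descr>
    </rule>
  </filter>
</pfsense>"""


def set_forward_port(config_xml, nat_descr, filter_descr, port):
    """Return config_xml with the port of one NAT rule and one filter rule replaced."""
    if not isinstance(port, int) or not 1 <= port <= 65535:
        raise ValueError(f"refusing port {port!r}")
    root = ET.fromstring(config_xml)  # raises ParseError on malformed XML
    # Assumption: external and internal port are kept equal, so both NAT fields change.
    for section, descr, tags in (("nat", nat_descr, ("destination/port", "local-port")),
                                 ("filter", filter_descr, ("destination/port",))):
        rules = [r for r in root.findall(f"{section}/rule") if r.findtext("descr") == descr]
        if len(rules) != 1:  # never guess which rule to touch
            raise LookupError(f"{section}: expected 1 rule named {descr!r}, found {len(rules)}")
        for tag in tags:
            node = rules[0].find(tag)
            if node is None:
                raise LookupError(f"{section} rule {descr!r} has no <{tag}>")
            node.text = str(port)
    return ET.tostring(root, encoding="unicode")


def reload_command(host):
    """Build (not run) the ssh argv that clears the config cache and reloads the filter."""
    remote = "rm -f /tmp/config.cache && /etc/rc.filter_configure"
    return ["ssh", "-o", "BatchMode=yes", "-o", "StrictHostKeyChecking=yes", host, remote]
```

Failing closed when a rule is missing or duplicated keeps a bad match from rewriting an unrelated firewall rule before the file is copied back.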
