Reload firewall rules via SSH
-
Hello,
I've been spending my afternoon writing a small script in Python in order to automate some operations regarding PFSense and my home network. The script is executed on a machine other than the PFSense gateway.
Basically what I'm doing:
- Get the IP from an OpenVPN tunnel interface (parsed from the SSH greetings)
- Generate a port number from that address
- SCP the config.xml file PFSense -> machine
- Replace the port in an existing NAT rule (config.xml)
- Replace the port in an existing filter rule (config.xml)
- Do some other call on another system in order to configure that port
- SCP the config.xml file machine -> PFSense
- rm -Rf /tmp/config.cache on pfsense
Things are going fine, for most of it, but the firewall rule doesn't seem to apply until I go into the webconfigurator and force the reload of the rules. I've found this: http://doc.pfsense.org/index.php/How_can_I_reload_the_config_after_manually_editing_config.xml%3F, giving me a path to a solution. Needless to say I'd like to avoid writing HTTP calls and managing the authentication for that very simple call. Is there anything I can call through SSH that would do the same thing?
FYI: I'm using a snapshot of PfSense 2.1
Thanks in advance,
-
-
/etc/rc.filter_configure
-
That seems the only part that was missing. Thanks a lot!
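
The edit-and-reload steps from this thread, as an added example (not the poster's script): it sets the port on one NAT rule and one filter rule matched by `<descr>`, rejects out-of-range ports and missing or ambiguous matches, and builds the SSH call that runs the two commands named in the thread. The config.xml element names, the rule descriptions, the sample XML and the `reload_command` helper are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample; element names assume the usual pfSense config.xml layout.
SAMPLE = """<pfsense>
<nat><rule><descr>vpn-forward</descr>
  <destination><network>wanip</network><port>40000</port></destination>
  <target>192.168.1.10</target><local-port>40000</local-port></rule></nat>
<filter>
  <rule><descr>NAT vpn-forward</descr>
    <destination><address>192.168.1.10</address><port>40000</port></destination></rule>
  <rule><descr>allow-ssh</descr><destination><any/><port>22</port></destination></rule>
</filter></pfsense>"""


def set_rule_port(root, section, descr, port):
    """Set the destination port (and local-port, if present) on every rule in
    <section> whose <descr> equals descr. Returns the number of rules changed."""
    changed = 0
    for rule in root.findall(f"./{section}/rule"):
        if rule.findtext("descr") != descr:
            continue
        dest_port = rule.find("destination/port")
        if dest_port is None:
            raise ValueError(f"{section} rule {descr!r} has no destination port")
        dest_port.text = str(port)
        local = rule.find("local-port")
        if local is not None:
            local.text = str(port)
        changed += 1
    return changed


def update_config(xml_text, nat_descr, filter_descr, port):
    """Return config XML with the new port, or raise without returning anything."""
    if not isinstance(port, int) or not 1 <= port <= 65535:
        raise ValueError(f"invalid port: {port!r}")
    root = ET.fromstring(xml_text)
    for section, descr in (("nat", nat_descr), ("filter", filter_descr)):
        if set_rule_port(root, section, descr, port) != 1:
            raise LookupError(f"expected exactly one {section} rule {descr!r}")
    return ET.tostring(root, encoding="unicode")


def reload_command(host):
    # Both commands come from the thread; run after config.xml is copied back.
    return ["ssh", host, "rm -Rf /tmp/config.cache && /etc/rc.filter_configure"]
```

ElementTree does not preserve CDATA sections or the XML declaration when it re-serializes, so diff the result against the original config.xml before copying it back.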