Hi,

Just test the API against a pfsense 2.3.2-RELEASE-p1 with bash cli.
I obtain the fauxapi-auth, but the curl process gives no response, with no error message.

I setup the package as describe from your github(download package and install it manually).

if i remove the silent option from curl command :

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:39 --:--:-- 0

No data is transmitted...

Thanks for your help

Hi,

Firstly, I think this is great, thanks for the initiative!

I was wondering - could you confirm if for config changes, I would need to supply the entire modified config in the payload? Lets say I want to modify my aliases, would I need to make the modification to the json file in its entirety, and then submit it?

Thanks!
James

It would be nice if get/status API calls do not log or if logging can be disabled for those. Our general system log is now clogged up with API calls (gateway_status).

API calls which change the config should always be logged.

I am currently writing a client for managing the "Host Overrides" table in "Services/DNS Forwarder" page and I succeed in posting a new JSON format configuration file via the config_set() API, which is proven by the instant change of table revealed in the web page (after my client emit that config_set() API).

However, it seems that though the shown table in the web page changes, the actual DNS behavior does not change as expected. Therefore, I am wondering if there is some mechanism I had ignored, like pressing the "apply" button when I manually change the table in the web page.

Another question: I still do not understand the difference between config_set() and config_reload(). The docs say that the former will call the latter when the code is "written and tested". What does it mean?

Thanks

Could you please provide uninstall instructions please? I didn't see them anywhere, and it's not showing up in the package manager.

Thanks!

I'm using PFSense 2.3.4 with the latest FauxAPI and have setup my crenditials.ini with the correct information. However, my authentication keeps telling me I have an invalid hash from the debug's and Postman but it should be valid.

Thanks.

Hello,
It would be nice if this API would have a call for retrieving the status of all interfaces and gateways (including up/down, uptime for PPPoE, last ping delay, packetloss, all the stuff pfSense measures).
Has anyone looked into this? Does anyone know where this data is saved? I may look into implement this myself, I really need it. Please share anything you may already know about this.

Kind regards.

Hi, I've been trying to authenticate using your guide to no avail.

As per the below:

fauxapi-auth: <apikey>:<timestamp>:<nonce>:<hash>

For example:-
fauxapi-auth: PFFA4797d073:20161119Z144328:833a45d8:9c4f96ab042f5140386178618be1ae40adc68dd9fd6b158fb82c99f3aaa2bb55

I have the following code:

apisecret="longsecrethere"
timestamp=`date +%Y%m%dZ%H%M%S`
nonce="**what is this and how do i get it?**"
hash=`echo ${apisecret}${timestamp}${nonce} | shasum -a 256 | tr -d "[:space:]-"`

curl -X GET --silent --insecure --header "fauxapi-auth: PFFAwZz0dFMaX1nrlr095Ei2:${timestamp}:${nonce}:${hash}" "https://192.168.1.1/fauxapi/v1/?action=rule_get"

With the above I'm getting failed auth. Any help on how to use the mentioned is appreciated

How could i add/remove/list all the dns hosts overrides ?
Can you give me a example, thank you.

Hello,
i try to take an function_call in bash but i got the error "api action is not defined" ...
i tried as curl call to but its the same error.

any idea?
thanks

Hi there! First things first, awesome work on this one!

I would like to know if I can get the equivalent of the pfctl -vvs rules command from the faux_api call, but the call does pfctl -sr -vv instead. Is there any way I can amend this to use the option I need?

Need this because the -vvs gives a nice list with the rule number included, while -sr -vv does not. I need this so I am able to parse the rules according to its rule number in a single call. Any help would be appreciated

Following is the command,

curl -X POST --silent --insecure --header "Content Type: application/json" --header "fauxapi-auth:XXX" http://XX.XXX.XXX.XX:XXXX/fauxapi/v1/\?action=function_call --data '{"function":"easyrule_block_host_add","args":["XXX.XXX.XXX.XX/32","wan","inet"]}'

Fatal error: Call to undefined function ifridx() in /etc/inc/easyrule.inc on line 158

Call Stack:
0.0001 119380 1. {main}() /usr/local/www/fauxapi/v1/index.php:0
0.0022 290008 2. fauxapi\v1\fauxApi->function_call() /usr/local/www/fauxapi/v1/index.php:32
0.0022 290480 3. fauxapi\v1\fauxApi->__call() /usr/local/www/fauxapi/v1/index.php:32
0.0035 297880 4. fauxapi\v1\fauxApiActions->function_call() /etc/inc/fauxapi/fauxapi.inc:83
0.0036 298416 5. fauxapi\v1\fauxApiPfsenseInterface->function_call() /etc/inc/fauxapi/fauxapi_actions.inc:388
0.0092 402684 6. call_user_func_array:{/etc/inc/fauxapi/fauxapi_pfsense_interface.inc:689}() /etc/inc/fauxapi/fauxapi_pfsense_interface.inc:689
0.0092 402996 7. easyrule_block_host_add() /etc/inc/fauxapi/fauxapi_pfsense_interface.inc:689
0.0096 404376 8. easyrule_block_rule_create() /etc/inc/easyrule.inc:289

I has been resolved by adding "require_once('filter.inc');" in easyrule.inc

I have a simple example that is simply trying to print a config_get() and I get the following error.

requests.exceptions.ConnectionError: HTTPSConnectionPool(host='192.168.1.1', port=443): Max retries exceeded with url: /fauxapi/v1/?action=config_get& (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f6871baeba8>: Failed to establish a new connection: [Errno 110] Connection timed out'))

Code is below

#!/usr/bin/python
import os, sys, json
from PfsenseFauxapi.PfsenseFauxapi import PfsenseFauxapi

def usage():
    print()
    print('usage: ' + sys.argv[0] + ' <host>')
    print()
    print('pipe JSON output through jq for easy pretty print output:-')
    print(' $ ' + sys.argv[0] + ' <host> | jq .')
    print()
    sys.exit(1)

if(len(sys.argv) != 2) or not os.getenv('FAUXAPI_APIKEY') or not os.getenv('FAUXAPI_APISECRET'):
    usage()

# config
fauxapi_host=sys.argv[1]
fauxapi_apikey=os.getenv('FAUXAPI_APIKEY')
fauxapi_apisecret=os.getenv('FAUXAPI_APISECRET')

FauxapiLib = PfsenseFauxapi(fauxapi_host, fauxapi_apikey, fauxapi_apisecret, debug=True)


# system_stats
# =============================================================================
print(FauxapiLib.system_stats())

Checking the system logs even with debug set to true I have no indication the script was even able to reach the firewall and I don't see drops from my machine.

I checked and the time for the pfsense server and my machine are within 60 seconds of each other, let me know if any other info is needed to help with this.

Is it possible to return the pfSense version using FauxAPI? If not would be a useful function when looking to see if a box needs updating to latest version, especially in regards to security updates etc.

I'm currently trying to build a device presence detection (for integration with SmartThings) and I want to know if a device is present in the DHCP leases table (status="online").

At first it seems it's not available directly in fauxapi, but I'm wondering if it's something which can be easily added.

Since I'm definitely not familiar with PHP nor developping for pfSense (I'm a dotnet guy), I don't know where to start to add this in fauxapi.

My apologies if this is the wrong way to ask a question or make a request.

Could your API be made to get or set static DHCP mappings in pfSense?

I have a CSV of mappings I'd like to import and then have pfSense maintain them, using the pfSense Web UI to add/delete.

I'd also like to export the current mappings to a CSV to upload into my remote WiFI access points (running Tomato) so their client lists will accurately reflect the IPs and hostnames of the connected clients.

I tried to use FauxApi's patch_config , passing to it a json as data, Here's the actual command :

curl -X POST --silent --insecure -L --header "fauxapi-auth: <fauxapi-auth-val>" --header "Content-Type: application/json" --data @patch.json "http://192.168.100.2/fauxapi/v1/?action=config_patch"

The reason for -L is to allow forwarding (due to the pfsense having been moved) , The is dynamically generated (the problem is not related to authentication).

The error i keep getting is :
PHP ERROR: Type: 4096, File: /etc/inc/fauxapi/fauxapi_pfsense_interface.inc, Line: 135, Message: Argument 2 passed to fauxapi\v1\fauxApiPfsenseInterface::array_merge_recursive_distinct() must be of the type array, null given, called in /etc/inc/fauxapi/fauxapi_pfsense_interface.inc on line 121 and defined @ 2018-10-27 01:39:36

To be sure. the file patch.json is existing in the same path where i'm running the command, and has a valid json of a new list of CA's

Many addon packages have files in that directory. It would be helpful to allow included files form that directory as well.

Sorry for opening these issues... wasn't sure how else to communicate. I'm developing an EventGhost plugin using your fauxapi library provided here. I really need to be able to set firewall rules (such as enable/disable existing rules) much like you do when you get the rules providing the rule number. Do you know if this is possible? This would be so very helpful! I understand you could pull/modify/restore the entire configuration, and then reboot - but I need something much quicker - like set the rule, then do a filter reload kind of thing. TIA

Hi,
I am facing some confusion regarding this play how to create API string i am trying to sync this firewall with 3rd party tool.

Here is my Credentials. ini file config.

;; PFFAexample01 is hardcoded to be inoperative
[PFFAfahad09800552]
secret = 8897562242abcdefghijklmnopqrtsuvwxyz09812345
permit = alias_, config_, gateway_, rule_, send_, system_, function_*
comment = PFFAfahad09800552 - hardcoded to be inoperative

How i can check this one working? What is the roll of Python in it? What next configuration i need to do after this? How this API string create in below format?

fauxapi-auth: PFFA4797d073:20161119Z144328:833a45d8:9c4f96ab042f5140386178618be1ae40adc68dd9fd6b158fb82c99f3aaa2bb55

Is this example Auth ??

Just getting started with this package and noticed it's exec'ing curl like this: curl --silent --insecure "http://127.0.0.1/index.php?__fauxapi_callid=5b8ac08e9846d\

This causes the app to stall for me as I run the webgui on 8080. If we could make that a bit more dynamic that would be great. Thanks!

Took me some time to find the problem:

From README.md:

echo PPFA`head /dev/urandom | base64 -w0 | tr -d /+= | head -c 20`

Should be:

echo PFFA`head /dev/urandom | base64 -w0 | tr -d /+= | head -c 20`

Hello,

Is there any intentions on adding the ability to update the PFsense server via this API?

We have a few hundred PFsense's deployed throughout our environments, and let me tell you. That is one of the largest saviors of time we could possibly get.

curl -X POST --silent --insecure --header "Content Type: application/json" --header "fauxapi-auth:XXX" http://XX.XXX.XXX.XX:XXXX/fauxapi/v1/\?action=function_call --data '{"function":"easyrule_block_host_add","args":["XXX.XXX.XXX.XX/32","wan","inet"]}'

Above command adds

Alias

with the name

"WAN"

and also creates

Rule

in rules section. But if I change the 2nd argument (i.e. int) with something different name function only creates the alias but no rules get added.
Also its very vague if the network gets blocked even if the alias and rule added with 'WAN' name. I need to change the name manually by GUI to make blocking work 100%.

Hi,
My API call for system_stats, config_reload, etc are working fine but it fails for config_get and rule_get. In the logs I can see the request reaches pfsense and also it is a valid request, but after about a min it says authentication failed 401 Unauthorized because of timeout.
This is my request:
curl -k -s -X GET -H "fauxapi-auth: ${fauxapi_auth}" http://${fauxapi_host}/fauxapi/v1/?action=rule_get

Note: Just to add, I am using http instead of https because I was getting certificate issues with https.

rule_update Rule_ID(1) type:(UDP/TCP/ICMP/ALL/OTHER) Port(80;443;21:22) Description (TEST)
return (True?False)

rule_create type:(UDP/TCP/ICMP/ALL/OTHER) Port(80;443;21:22) Description (TEST)
return (Rule_ID?-1)

rule_delect Rule_ID(1)
return (True?False)

rule_search source(192.168.1) || destination(192.1681.2)
return Serialization(List)

I would argue that marking the library usable as an ansible module would make it even more valuable for configuration management.

Are there any functions to do the following:
1) create a user certificate '/system_certmanager.php?act=new'
2) create an openvpn client specific override '/vpn_openvpn_csc.php?act=new'
3) exporting the client certificate package '/vpn_openvpn_export.php'

Hi everybody!
I would like to compliment you greatly on your work.

I'm trying to authenticate users on the captive portal using function_call with portal_allow function.
Unfortunately it doesn't works.

I think the problem is the cpzone, with portal_allow called by the API PfSense doesn't recognize in which zone I want to authenticate the user.

Is there anybody who can help me?

Hi,
I have created config backups for applying rules to WAN interface.
Backup1.xml : Apply icmp and tcp pass rules on WAN
Backup2.xml : Remove icmp and tcp pass rules on WAN

I am calling the backup files using config_restore, the configurations are reflected in config.xml but the rules are not working on the interface. I tried config_reload too, but that's not working too.

HI,

I was trying to create a user with fauxapi. From dev shell you can create a new user by running the following command:

$config['system']['user'][] = <name>

The only .inc file that makes sense of creatin a user is auth.inc line 480.
I have tried with several functions with the method function_call() from fauxapi, but it doesn't create the user.
Have you been able to generate a user via fauxapi? I have been trying all day, eventhough the function is passing the arguments properly, and in the debugging is showing but the 200 ok, the user is not being created. Fo you have any clue on how to do this?

Best regards,

Jose Gerardo Pineda

I am unable to understand these two terms. in first apikey is being used while taking taking hash apisecret is being used.

fauxapi-auth: :::
= sha256()

What if i use below as it is. I use it, it gives no error.

curl
-X GET
--silent
--insecure
--header "fauxapi-auth: PFFA4797d073:20161119Z144328:833a45d8:9c4f96ab042f5140386178618be1ae40adc68dd9fd6b158fb82c99f3aaa2bb55"
"https://192.168.10.10/fauxapi/v1/?action=config_get"

i'd like to enable/disable or toggle a firewall rule through your rest api, do you think thats possible ?

Hi,
I am entirely new to "pfsense" and "fauxApi".
I have pfsense installed in a VM and i am trying to get its config details using RESTClient.
I always get a "Unauthorized"error whenever i try to do "config_get" or any other operation.
I am pretty sure the issue is with the "fauxapi_auth" that i provide in the header but the issue is i don't understand how to solve it. I did try giving certain values in the credentials.ini file but still the same error.
It will be very helpful if anyone could provide me a solution.

Hello,

I'm using a cluster of two pfsense using the HA Sync. I create new rules without a problem on the master, but there is no HA Sync being done.

Is there a function to use to start the sync between the two devices?

Thxs

Have you thought about putting FauxAPI Python Library on PyPI, that way one can just pip install pfsense_fauxapi and have all of the dependencies (requests) and library installed super easily?

Hi,
I don’t know howw to contact you for clarification.
I hope this is a good way.
I’ve setup fauxapi to a test installation.
I’m trying to use bash client to make changes to the existing configuration and see how it works on the device.
I see the same issue with pfsense version 2.4.3 and 2.4.4.p3

I’m able to get the config using the script with
system_config=$(fauxapi_config_get ${fauxapi_host})

I’m facing two problems:
One with real alias value , on with rules patching

Real Alias Value
I’m able to change the value of an alias with
fauxapi_config_patch $fauxapi_host /root/Desktop/pfs_alias.cfg
(the file contains the json needed that changes the only alias from 192.168.204.55 to 192.168.204.54)
but the change is only aesthetical (the alis value is displayed correctly in the gui, but the value in diagnostic>Tables>Alias_name is still the old one (the only way to change it is mannually via Status>Filter Reload> Reload Filter)

Rules patching
the other problem is that when i try to patch the firewall rules (even with a unmodifyed copy of the same rules) I get an error like this one

_{
"callid": "5d4a943c378b4",
"action": "config_patch",
"message": "failed to patch config data",
"logs": [
{
"INFO": "20190807Z110500 :: fauxapi\v1\fauxApi::__call",
"DATA": {
"user_action": "config_patch",
"callid": "5d4a943c378b4",
"client_ip": "192.168.204.54"
}
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApi::__check_user_action_call"
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiAuth::is_authenticated"
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiAuth::load_credentials"
},
{
"DEBUG": "20190807Z110500 :: valid auth for call",
"DATA": {
"apikey": "PFFATestUser",
"callid": "5d4a943c378b4",
"client_ip": "192.168.204.54"
}
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiAuth::is_authorized"
},
{
"DEBUG": "20190807Z110500 :: permit allows action",
"DATA": {
"action": "config_patch",
"permit": "",
"permits": [
""
]
}
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApi::_check_user_action_call() checks all passed"
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiActions::config_patch"
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiPfsenseInterface::config_patch",
"DATA": {
"do_backup": true,
"do_reload": true
}
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiPfsenseInterface::config_load",
"DATA": {
"config_file": "/cf/conf/config.xml"
}
},
{
"INFO": "20190807Z110500 :: config_patch merged with current config, attempting to save"
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiPfsenseInterface::config_save",
"DATA": {
"do_backup": true,
"do_reload": true
}
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiPfsenseInterface::config_backup",
"DATA": "/cf/conf/config.xml"
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiPfsenseInterface::get_next_backup_config_filename",
"DATA": {
"type": "pfsense"
}
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiPfsenseInterface::config_load",
"DATA": {
"config_file": "/cf/conf/config.xml"
}
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiPfsenseInterface::config_load",
"DATA": {
"config_file": "/cf/conf/backup/config-1565168700.xml"
}
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiPfsenseInterface::config_load",
"DATA": {
"config_file": "/cf/conf/config.xml"
}
},
{
"DEBUG": "20190807Z110500 :: attempting to (re)load a temp copy of the config supplied",
"DATA": {
"config_temp_file": "/tmp/fauxApi_wpSDSf"
}
},
{
"DEBUG": "20190807Z110500 :: fauxapi\v1\fauxApiPfsenseInterface::config_load",
"DATA": {
"config_file": "/tmp/fauxApi_wpSDSf"
}
},
{
"ERROR": "20190807Z110500 :: saved config does not match config when saved and reloaded"
}
]
}

Thanks for any suport you can provide.

I noted a very similar issue #2 and I am sending (via bash client for testing currently) the full json document that was previously retrieved, with the sections added for the new VLAN/Interface (and also DHCP config) I wanted to send.

I will try to clearly lay out what I did here: -

First I set up a clean server and downloaded the config.xml using your API.

Then I added VLAN 75 on interface igb1.
I then added the interface (opt1), set an IP. (IPv4)
I then enabled DHCP Server on this interface and added a simple range.

At this point I re-downloaded config.xml and used diff to see the result of my changes above.

I then duplicated the newly added sections but changed (on the duplicate elements): -
VLAN ID from 75 to 76
IP Address to be a non-conflicting subnet.
opt1 to opt2
and the vlan interface from igb1_vlan75 to igb1_vlan76

I then set this new config and got an OK response.
{"callid":"593b30536e267","action":"config_set","message":"ok","data":{"do_backup":true,"do_reload":true}}

When looking in the GUI after posting the new config via the API, I can see that what I added has been created but the interface shows as down.

Going in with ssh and running ipconfig shows me that it did not actually create the vlan tagged interface "igb1_vlan76"

Any idea what I did wrong?
Any help you can offer would be very much appreciated.

config-cleaned.zip

Recently upgraded PFSense to 2.4.4 and started getting the following exception using faux v1.3.3:

Fatal error: Uncaught Error: Call to undefined function fauxapi\v1\split() in /etc/inc/fauxapi/fauxapi_auth.inc:48
Stack trace: #0 /etc/inc/fauxapi/fauxapi.inc(131): fauxapi\v1\fauxApiAuth->is_authenticated() 
#1 /etc/inc/fauxapi/fauxapi.inc(63): fauxapi\v1\fauxApi->__check_user_action_call(Object(fauxapi\v1\fauxApiActions), 'config_get', Array, '')
#2 /usr/local/www/fauxapi/v1/index.php(32): fauxapi\v1\fauxApi->__call('config_get', Array)
#3 {main} thrown in /etc/inc/fauxapi/fauxapi_auth.inc on line 48 PHP ERROR: Type: 1, File: /etc/inc/fauxapi/fauxapi_auth.inc, Line: 48,
Message: Uncaught Error: Call to undefined function fauxapi\v1\split() in /etc/inc/fauxapi/fauxapi_auth.inc:48
Stack trace: #0 /etc/inc/fauxapi/fauxapi.inc(131): fauxapi\v1\fauxApiAuth->is_authenticated() 
#1 /etc/inc/fauxapi/fauxapi.inc(63): fauxapi\v1\fauxApi->__check_user_action_call(Object(fauxapi\v1\fauxApiActions), 'config_get', Array, '')
#2 /usr/local/www/fauxapi/v1/index.php(32): fauxapi\v1\fauxApi->__call('config_get', Array)
#3 {main} thrown

Hi, Do you mind if I publish this package under my unofficial pfSense repo?

https://github.com/marcelloc/Unofficial-pfSense-packages

When creating an interface with the following JSON:

{'wan': {'enable': '', 'if': 'igb0', 'descr': 'pfSYNC', 'ipaddr': '<IP>', 'subnet': '30', 'spoofmac': ''}, 'lan': {'enable': '', 'if': 'igb1', 'ipaddr': '<IP>', 'subnet': '24', 'ipaddrv6': '', 'subnetv6': '', 'media': '', 'mediaopt': '', 'track6-interface': 'wan', 'track6-prefix-id': '0', 'gateway': 'GW_LAN', 'gatewayv6': ''}, 'opt1': {'descr': 'WANBOND', 'if': 'lagg0', 'enable': '', 'spoofmac': '', 'mtu': '9000'}, 'opt2': {'descr': 'WAN', 'if': 'lagg0_vlan1112', 'enable': '', 'ipaddr': '<IP>', 'subnet': '29', 'gateway': 'WANv4GW', 'spoofmac': ''}, 'opt3': {'descr': 'VL3301Pub', 'if': 'lagg0_vlan3301', 'spoofmac': '', 'enable': 'True', 'blockpriv': '', 'blockbogons': '', 'ipaddr': '<IP>', 'subnet': '30'}}

The interfaces appear on the pfSense dashboard as down and doesn't come up unless i disable and re-enable the interface via the GUI. This occurs despite using config.reload().

Is this expected behaviour and if not, can you suggest a possible cause?

Regards,
Ochuko

Hi,

I am faicng an authenticaiton issue. I get the following error

{"ERROR":"20180712Z175234 :: apikey not defined in credential file","DATA":{"apikey":"PFFAzM7GB9aBoXSEwsAH6tZV","filename":"\/etc\/fauxapi\/credentials.ini"},"source":"fauxapi"}

My configuraiton.ini (/etc/fauxapi/configuration.ini) has the following:

[PFFAzM7GB9aBoXSEwsAH6tZV]
secret= zvhBVMGdUF3V03fJLFyMkdOTpMB7uLARwbrZm6g1DXLOPOjqOKe5oMIhOo7t
permit = permit = alias_*, config_*, gateway_*, rule_*, send_*, system_*, function_*
comment = admin token

And this is the curl call:

curl -X GET --silent --insecure --header "fauxapi-auth: PFFAzM7GB9aBoXSEwsAH6tZV:20180712Z174348:833a45d8:ae6af6e76532ca8c37edceb87f492ca827387c250998125265909b7834271961" "https://172.16.20.20/fauxapi/v1/?action=config_get&__debug=true"

I changed the values several times and the error still appears.
Could you please provide some guidance on what may be wrong?

I use config_patch to change the content of an alias and it works great but the new configuration is not active in pFsense so I would like to use a config_reload request to activate my new configuration but config_reload does not work, the request is successful but the new pfsense config is not loaded.

pfsense 2.4.4.p3

I am using the following URI
https://$pfsense/fauxapi/v1/?action=config_reload&__debug=true

The API request is successful as seen in the response:

StatusDescription : OK
Content           : {"callid":"5ce267915ba49","action":"config_reload","message":"ok","logs":[{"DEBUG":"20190520Z103841 :: fauxapi\\v1\\fauxApi::__call","DATA":{"user_action":"config_reload","callid":"5ce267915ba49","cli...
RawContent        : HTTP/1.1 200 OK
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    fauxapi-callid: 5ce267915ba49
                    Strict-Transport-Security: max-age=31536000
                    X-Content-Type-Options: nosniff
                    Content-Type: applicat...
Forms             : {}
Headers           : {Server, Transfer-Encoding, Content-Type, Date...}
Images            : {}
InputFields       : {}
Links             : {}
ParsedHtml        : mshtml.HTMLDocumentClass
RawContentLength  : 1302
PSComputerName    :xxxxxxxxxx

but nothing is logged in pfsense System Logs (despite the presence of debug=true, while config_patch is present) and my new config is not loaded.

Thanks for your help,

Hello all,

There is a possibility to manage IP Alias, with this API? I saw the option with URL Alias.

thanks

Trying to block the host using command line but getting exception,
command :
curl -X POST --silent --insecure --header "Content Type: application/json" --header "fauxapi-auth:XXX" http://xx.xxx.xxx.xx:xxxx/fauxapi/v1/\?action=function_call --data '{"function":"easyrule_block_alias_add","host":"xxx.xxx.xxx.xx","$int":"wan"}'

Response :

{"callid":"5a3ab9fa764ac","action":"function_call","message":"problem calling function","logs":[{"INFO":"20171220Z192858 :: fauxapi\v1\fauxApi::__call","DATA":{"user_action":"function_call","callid":"5a3ab9fa764ac","client_ip":"xx.xxx.xxx.xx"}},{"INFO":"20171220Z192858 :: valid auth for call","DATA":{"apikey":"PFFAwZz0dFMaX1nrlr095Ei2","callid":"5a3ab9fa764ac","client_ip":"xx.xxx.xxx.xx"}},{"ERROR":"20171220Z192858 :: function not defined as valid in function calls reference file","DATA":{"function":"easyrule_block_alias_add","function calls reference file":"/etc/fauxapi/pfsense_function_calls.txt"}}],"error":{"error":{"xdebug_message":"\nException: function not defined as valid in function calls reference file in /etc/inc/fauxapi/fauxapi_pfsense_interface.inc on line 633\n\nCall Stack:\n 0.0001 119368 1. {main}() /usr/local/www/fauxapi/v1/index.php:0\n 0.0022 289984 2. fauxapi\v1\fauxApi->function_call() /usr/local/www/fauxapi/v1/index.php:32\n 0.0022 290456 3. fauxapi\v1\fauxApi->__call() /usr/local/www/fauxapi/v1/index.php:32\n 0.0031 297616 4. fauxapi\v1\fauxApiActions->function_call() /etc/inc/fauxapi/fauxapi.inc:83\n 0.0032 298228 5. fauxapi\v1\fauxApiPfsenseInterface->function_call() /etc/inc/fauxapi/fauxapi_actions.inc:388\n"}}}

Hi
Is there a way to get the consumed speed on wan interface like the data we get under Status -> Traffic Graph?
Bandwidth In and Bandwidth Out

Thanks

Please add argument to class FauxAPIPy: to allow users to specify the port that pfsense is listening on for http and https traffic.

Hi, We wrote a client sdk in nodejs/typescript for the FauxAPI. You can find it here. Would it be a good thing to include the library in your project? If so, is a pull request the best approach for that?

I'm trying to access the function_call API by making the HTTP request using JAVA code as follows,

phpFn = 'easyrule_block_alias_getid' and fnParams='wan'

HttpURLConnection con = (HttpURLConnection)url.openConnection();
		con.setRequestProperty("fauxapi-auth", getAuth());
		con.setRequestProperty("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8");
		con.setRequestProperty("Accept-Encoding", "gzip, deflate, br");
		con.setRequestProperty("Accept-Language", "en-US,en;q=0.9,hi;q=0.8");
		con.setRequestProperty("Cache-Control", "max-age=0");
		con.setRequestProperty("Connection", "keep-alive");
		con.setRequestProperty("Upgrade-Insecure-Requests", "11");
		con.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36");
		con.setRequestProperty("Origin", "");
		con.setAllowUserInteraction(true);
		con.setRequestMethod("POST");
		con.setDoInput(true);
		con.setDoOutput(true);

		OutputStream os = con.getOutputStream();
		BufferedWriter writer = new BufferedWriter(
		        new OutputStreamWriter(os, "UTF-8"));
		writer.write("{\"function\":\""+phpFn+"\",\"int\":\""+fnParams[0]+"\"}");
		writer.flush();
		writer.close();
		os.close();
		con.connect();

same code works for the

get_services
function of the

function_call

API.