Project

General

Profile

Actions

Feature #14710

open

Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

Added by Jonathan Lee over 1 year ago. Updated over 1 year ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
New Package Request
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

Hello fellow Netgate pfSense Redmine community members,

I wanted to share this with you all to see if this is anything that could be tied directly into the GUI firewall rules page.

RULE BASE FLAGGING VIA VISUAL LED ON FRONT PANEL

Value addon: Increase in visibility for specific firewall rules and or devices that are connecting without any changes to hardware. Can be coded to only work with dormant non utilized LEDS.

Example:
Example of what can occur: .... Drifting off into dreamland ....

It's 11pm and someone turns on a gaming system, you know this individual has a test or maybe a soccer game tomorrow, all the sudden your firewall'a state established LED turns on and glows red.

I sprang from my bed to see what was the matter. Away to the TV I flew like a flash, tore open the door, and went with dash. When, what to my wondering eyes should appear, the little one again with game controller in hand. Now little one, you stand with a solemn face... go to bed ! Go to bed! Go back to bed now!"

Reality this is a possible way to tie LEDS directly into a rule id within the ACL list

You could even tie this into VPN rules or anything you wanted to alarm you.

I have tested this and it does work with cron

deviceonlinenight.sh

#!/bin/sh
pfctl -vvss | grep ', rule 79' >/dev/null
res=$?
if [ $res = 0 ];
then
sysctl -q dev.gpio.2.led.0.pwm=1
gpioctl -f /dev/gpioc2 0 duty 200 >/dev/null
sysctl -q dev.gpio.2.led.1.pwm=1
gpioctl -f /dev/gpioc2 3 duty 200 >/dev/null
sysctl -q dev.gpio.2.led.2.pwm=1
gpioctl -f /dev/gpioc2 6 duty 200 >/dev/null
else
sysctl -q dev.gpio.2.led.0.pwm=1
gpioctl -f /dev/gpioc2 0 duty 0 >/dev/null
gpioctl -f /dev/gpioc2 1 duty 0 >/dev/null
gpioctl -f /dev/gpioc2 2 duty 0 >/dev/null
sysctl -q dev.gpio.2.led.1.pwm=1
gpioctl -f /dev/gpioc2 3 duty 0 >/dev/null
gpioctl -f /dev/gpioc2 4 duty 0 >/dev/null
gpioctl -f /dev/gpioc2 5 duty 0 >/dev/null
sysctl -q dev.gpio.2.led.2.pwm=1
gpioctl -f /dev/gpioc2 6 duty 0 >/dev/null
gpioctl -f /dev/gpioc2 7 duty 0 >/dev/null
gpioctl -f /dev/gpioc2 8 duty 0 >/dev/null
fi

deviceonlineday

#!/bin/sh
pfctl -vvss | grep ', rule 79' >/dev/null
res=$?
if [ $res = 0 ];
then
sysctl -q dev.gpio.2.led.1.pwm=1
gpioctl -f /dev/gpioc2 3 duty 100 >/dev/null
sysctl -q dev.gpio.2.led.2.pwm=1
gpioctl -f /dev/gpioc2 6 duty 100 >/dev/null
else
sysctl -q dev.gpio.2.led.1.pwm=1
gpioctl -f /dev/gpioc2 3 duty 0 >/dev/null
sysctl -q dev.gpio.2.led.2.pwm=1
gpioctl -f /dev/gpioc2 7 duty 100 >/dev/null
fi

Ref researching:
https://forum.netgate.com/topic/182391/2100-led-question
https://forums.freebsd.org/threads/bin-sh-how-to-save-a-shell-command-output-into-a-string-variable.90088/
https://github.com/luckman212/Netgate-SG2100-scripts
https://www.zacharyschneider.ca/2019/12/customizing-leds-netgate-sg-3100/
https://forum.netgate.com/topic/122407/netgate-sg-3100-leds?ref=zacharyschneider.ca


Files

IMG_20230824_104757565.jpg (2 MB) IMG_20230824_104757565.jpg Researching proof of concept with RED led activated Jonathan Lee, 08/25/2023 01:11 AM
IMG_20230824_220920858.jpg (1.6 MB) IMG_20230824_220920858.jpg Three LED test with device online test completed Jonathan Lee, 08/25/2023 03:59 PM
IMG_20230825_171454810.jpg (1.17 MB) IMG_20230825_171454810.jpg Purple Jonathan Lee, 08/26/2023 12:18 AM
Actions

Also available in: Atom PDF