Feature #16286

closed

pfSense Firewall Alias List API

Added by Josias L. Gonçalves 3 months ago. Updated 2 months ago.

Status: Rejected
Priority: Normal
Assignee: -
Category: Aliases / Tables
Target version: -
% Done: 0%
Release Notes: Default

Description

The objective is to create an API to add and remove IPs from the blacklist.
An agent on the other side can operate this list. The agent can be general and monitor Windows login operations (failures), IIS, nginx and other services. On Linux/BSD/OmniOS it can monitor ssh, nextcloud and other services. The API is open to all kinds of agents, in any language. This will extend the protection where the backend can manipulate a specific list.
The agent can be written to monitor everything in real time: failed logins on any service (it can capture logs). Remove and add IPs (the API can search for the IP before adding, warning the user via the API).
The agent can control what kind of penalty will be applied: block for some hours, days, months or forever. pfSense just receives commands from the agent.
In the future I see this being used by artificial intelligences and RMM agents, controlling the firewall for the best security results.

As a proof of concept, I made code available on my GitHub (BSD-3 clause) with these functions implemented:
https://github.com/josiaslg/pfSense_Firewall_Alias_List_API


Files

tela.png (74.5 KB): List created by the API. Accepts IPv4 and IPv6. Josias L. Gonçalves, 06/25/2025 02:00 AM
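
A sketch of the agent-side logic the description outlines, as an added example that is not part of the issue or of the linked repository: it reads constructed sshd-style log lines, searches the list before adding an address, and escalates an assumed penalty schedule (1 hour, 1 day, 30 days, forever) after an assumed threshold of three failures. It calls no pfSense interface; the names `Blocklist`, `record_failure` and `process_log` are hypothetical.

```python
import ipaddress
import re
from datetime import datetime, timedelta

# Constructed sshd-style log lines (sample input, not taken from the issue).
SAMPLE_LOG = """\
2025-06-25T02:00:01 sshd[811]: Failed password for root from 203.0.113.7 port 50122 ssh2
2025-06-25T02:00:03 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 50124 ssh2
2025-06-25T02:00:05 sshd[812]: Failed password for root from 2001:db8::bad port 40022 ssh2
2025-06-25T02:00:06 sshd[813]: Accepted publickey for ops from 198.51.100.20 port 51000 ssh2
2025-06-25T02:00:09 sshd[811]: Failed password for root from 203.0.113.7 port 50130 ssh2
"""

FAILED = re.compile(r"^(\S+) sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+) port")
# Assumed policy: list after 3 failures; escalate per repeat offence, None = forever.
THRESHOLD = 3
PENALTIES = [timedelta(hours=1), timedelta(days=1), timedelta(days=30), None]

class Blocklist:
    def __init__(self):
        self.entries = {}  # address -> expiry datetime, or None for forever
        self.failures, self.offences = {}, {}  # per-address counters

    def active(self, now):
        """Drop expired entries and return the addresses still blocked."""
        self.entries = {ip: e for ip, e in self.entries.items() if e is None or e > now}
        return sorted(str(ip) for ip in self.entries)

    def record_failure(self, ip_text, when):
        """Count one failure; return True only if it caused a new listing."""
        ip = ipaddress.ip_address(ip_text)  # accepts and normalises IPv4 and IPv6
        self.active(when)
        if ip in self.entries:  # search before add: already listed
            return False
        self.failures[ip] = self.failures.get(ip, 0) + 1
        if self.failures[ip] < THRESHOLD:
            return False
        n = self.offences.get(ip, 0)
        penalty = PENALTIES[min(n, len(PENALTIES) - 1)]
        self.entries[ip] = None if penalty is None else when + penalty
        self.offences[ip], self.failures[ip] = n + 1, 0
        return True

def process_log(text, blocklist):
    for m in filter(None, map(FAILED.match, text.splitlines())):
        try:
            blocklist.record_failure(m.group(2), datetime.fromisoformat(m.group(1)))
        except ValueError:  # timestamp or source address did not parse; skip the line
            continue
    return blocklist
```

The list returned by `active()` is what such an agent would hand to the firewall, by whatever mechanism manages the alias.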
#1

Updated by Marcos M 2 months ago

  • Status changed from New to Rejected

A native method already exists to externally manage the contents of aliases. Though the update frequency control is not fine-grained (as it would be with this), that's something that can be worked on separately.
