That's Cool Nishant
Does the
write_config("Alias updated by CLI script");
also bring the change live ?
Claus
-----Original Message-----
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Nishant Sharma
Sent: Saturday, November 5, 2016 2:25 PM
To: list@lists.pfsense.org
Subject: Re: [pfSense] FW: Programatically add IP to Alias
Hi Claus,
Here is a small script that I use to modify alias entries on around 60
firewalls in one go.
If you want to append IP to the alias then you will need to query the
alias values first and then add the new IP to already existing string of
IPs.
Hope it helps.
Regards,
Nishant
========================
#!/bin/bash
for i in {1..10}
do
echo "Connecting to 172.16.${i}.1..."
SSHPASS=your_password sshpass -e ssh -o "ConnectionAttempts 1" \ -o
"ConnectTimeout 5" -o "StrictHostKeyChecking no" -l root 172.16.${i}.1\
/usr/local/sbin/pfSsh.php <<END
global \$config;
global \$mykey;
\$config = parse_config(true);
foreach (array_keys(\$config['aliases']['alias']) as \$key) {
if (\$config['aliases']['alias'][\$key]['name'] === 'ALIAS NAME') {
\$mykey = \$key;
echo "\$attr ";
echo \$config['aliases']['alias'][\$key][\$attr];
echo "\n";
echo "Setting address...\n";
\$config['aliases']['alias'][\$key]['address'] = "IP1 IP2 IP3\
IP4 IP5";
}
}
print_r(\$config['aliases']['alias'][\$mykey]);
write_config("Alias updated by CLI script");
echo "done. \n";
exec;
exit
END
echo "RESULT: 172.16.${i}.1 = $?"
done
==============================
On Saturday 05 November 2016 06:19 PM, Claus@pfSense wrote:
> Hi
>
> I never got an answer on my question back then, but maybe someone can help me
> now.
>
> Basically I want to run a service on the firewall or another system, that let
> me silently tell/ask the firewall (using PSK and OTP) to add my IP to a
> group/alias.
> That group/alias would the grant me other access for a timelimited period.
> Kind of a 2FA.
>
> So if I could find a way to do 1-2 below from the pfSense command line I
> could easily build the rest.
>
> Maybe there are existing addon's that supports this without going fullblown
> VPN.
>
> Thanks
> Claus
>
> -----Original Message-----
> From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]
> On Behalf Of Claus Bruun
> Sent: Tuesday, March 13, 2012 3:39 PM
> To: pfSense support and discussion <list@lists.pfsense.org>
> Subject: Re: [pfSense] Programatically add IP to Alias
>
> Sorry for being unclear.
>
> I would
>
> 1) like to modify a pfSense-alias from command line.
> 2) tell pfSense to pick-up the change and go live from command line.
>
> Thanks
> Claus
>
> -----Original Message-----
> From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]
> On Behalf Of Chris Buechler
> Sent: Tuesday, March 13, 2012 2:39 PM
> To: pfSense support and discussion
> Subject: Re: [pfSense] Programatically add IP to Alias
>
> On Mon, Mar 12, 2012 at 6:04 PM, Claus@pfSense <pfse...@mail-fwd.archie.dk>
> wrote:
>> Any comments on this one ?
>>
>
> I don't think it's very clear what you're attempting to do, at least not to
> me, maybe if you can clarify what you're doing and why someone will have some
> feedback.
> _______________________________________________
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
> _______________________________________________
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
> _______________________________________________
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
