has a completely redesigned user interface since several versions. All settings can be easily reached and adjusted with this interface. The freely configurable dashboard is also a fine thing. However, there is sometimes the case that you would like to make settings via an API or the command line. pfSense does not currently have an API, this will only be available in one of the upcoming versions. Until then you can use the pfSense developer shell, also called . pfSense pfSsh.php Accessing pfSsh.php The fastest way to get to the developer shell is to connect to pfSense via SSH or directly connect a screen to the firewall. If SSH is not yet activated, you can do this in the web interface under . System → Advanced It is better to forbid logging in with a password and only allow logging in with a certificate. If the SSH access is activated, you can now log in with the admin user (adjust IP): $ ssh admin@192.168.1.254 Under point 12 you will find the developer shell, which is basically a PHP shell. Example commands for pfSsh.php Here are some sample commands to show you how to use the shell. Each input is normal PHP code and must be completed with . exec; Show DHCP settings pfSense shell: print_r($config["dhcpd"]);pfSense shell: exec;Array([lan] => Array([range] => Array([from] => 10.0.1.7[to] => 10.0.255.245) ) ) Set domain pfSense shell: $config[‘system’][‘domain’] = ‘mydomain.com’;pfSense shell: write_config();pfSense shell: exec; Execute regular shell commands Within the PHP shell you can also execute normal shell commands by placing a “!” in front of it: pfSense shell: ! cat /etc/versionpfSense shell: exec;2.4.3-RELEASE “Record” and “Playback” Commands With pfSsh.php you can also “record” several commands and “playback” them later. These so-called sessions are useful for recurring tasks. An example: pfSense shell: record echoTestRecording of echoTest started.pfSense shell: echo “This\n”;pfSense shell: echo “is\n”;pfSense shell: echo “a\n”;pfSense shell: ! echo “test\n”pfSense shell: exec;pfSense shell: stoprecordingRecording stopped. The entries are saved under and can be edited there if necessary. /etc/phpshellsessions/ The “recording” can now be played back as follows: pfSense shell: playback echoTestPlayback of file echoTest started.Theisatest pfSense shell: or directly from the root shell: $ pfSsh.php playback echoTest Conclusion pfSsh.php is a useful tool for automating pfSense with scripts or making customizations. Especially if you manage multiple instances or need a certain setup over and over again, pfSsh.php is a great help. For example, you can pack all settings (i.e. PHP code) into one file, save them under and execute them, or forward the output directly to pfSsh.php: /etc/phpshellsessions/ $ ssh admin@192.168.1.254 '/usr/local/sbin/pfSsh.php' < MyConfig.txt Originally published at openschoolsolutions.org .
