The pfSense Store

Author Topic: CLI - unattended alias change / script.  (Read 1567 times)

0 Members and 1 Guest are viewing this topic.

Offline #G#

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
CLI - unattended alias change / script.
« on: October 07, 2012, 07:08:54 pm »
Hello,
pfSense is great but I cannot find an important feature.

I need to be able to change an alias IP content. I found a CLI way to create pass or block rules.
How can I edit aliases?

In my case I have a procedure for migrating a service from a server to another. It works fine but I'd like to leave the IP untouched on the OS, simply changing the alias content.

Is there or will there be a better way than editing the config.xml file?

I guess that with reg expressions it could be feasable but I'd rather have a command to use instead of a search and replace that could lead to errors.

Thanks!
G

Offline stephenw10

  • Administrator
  • Hero Member
  • *****
  • Posts: 11959
  • Karma: +469/-15
    • View Profile
Re: CLI - unattended alias change / script.
« Reply #1 on: October 08, 2012, 02:04:21 am »
For some reason you don't want to use the webgui? You need to do this unattended?

Steve

Offline #G#

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: CLI - unattended alias change / script.
« Reply #2 on: October 10, 2012, 09:46:43 am »
Hello,
I need this to run from a script connecting to pfSense box through ssh via sshkeys, so yes :) I need it unattended!

My config is currently:
<aliases>

   <alias>
      <name>mx1</name>
      <address>192.168.241.21</address>
      <descr><![CDATA[mx1]]></descr>
      <type>host</type>
      <detail><![CDATA[mx4 private alias]]></detail>
   </alias>
   <alias>
      <name>mx2</name>
      <address>192.168.241.22</address>
      <descr><![CDATA[mx2]]></descr>
      <type>host</type>
      <detail><![CDATA[mx2]]></detail>
   </alias>
</aliases>


I thought to try a search and replace / regular expression solution:
<address>192.168.241.21</address> becomes <address>192.168.241.28</address>

Would a modification be promptly applied?

Or keep several copies of config.xml files to be substituted to the operative one. Will exchanging files trigger the system to read and act accordingly to the new settings?


Cumbersome I guess, but could do for my scenario.

Definitely I hope that pfSense will have a full CLI interface. It's greatness, the web gui, can't be a weakness too :)
At the moment the only important cli feature I can think of is the one of aliases, since I read that pass and block are already active
 http://doc.pfsense.org/index.php/Adding_Rules_With_easyrule
 http://www.linuxnet.ch/pfsense-important-cli-commands/

Also,
what if i have CARP? (not the case but it is in program), would config.xml editing via regular expressions or if overwritten by other file trigger a sync to the other boxes?

Thanks!
« Last Edit: October 10, 2012, 12:07:08 pm by #G# »