Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

REST API: Add Firewall alias entry DELETE & POST using name & address instead of ID #517

Closed
jpdsc opened this issue Jul 20, 2024 · 2 comments · Fixed by #544
Closed

REST API: Add Firewall alias entry DELETE & POST using name & address instead of ID #517

jpdsc opened this issue Jul 20, 2024 · 2 comments · Fixed by #544
Labels
backlog Issues backlogged for inclusion in future releases feature request New feature or request

Comments

@jpdsc
Copy link

jpdsc commented Jul 20, 2024
edited
Loading

Is your feature request related to existing pfSense functionality that is missing from the API? Please describe.
In v1, I was able to use below in Fail2ban action to delete an IP from an alias.
https://IP/api/v1/firewall/alias/entry?name=**alias**&address=**ip**&apply=true

I have created a separate alias for Fail2ban to ensure the alias list is not huge. All blocked IP's are in 1 Fail2ban alias.
image

I have been working on v2 integration in a new action and I noticed in the documentation that DELETE, is only possible with an ID.
This also means, I cannot delete an IP in an existing alias.

After further research this also applies to /api/v2/firewall/alias both POST and PATCH, it is not possible to add an entry.

Describe the solution you'd like
Would it be possible to bring back /api/v1/firewall/alias/entry using name and address to delete or add an individual line in the alias?

Describe alternatives you've considered
Considered GET but this also using ID and I can only delete the full alias, instead of entries in the alias.
@jpdsc jpdsc added backlog Issues backlogged for inclusion in future releases feature request New feature or request labels Jul 20, 2024
@jpdsc jpdsc changed the title REST API: Add Firewall alias entry DELETE using name & address instead of ID REST API: Add Firewall alias entry DELETE & PATCH using name & address instead of ID Jul 20, 2024
@jpdsc jpdsc changed the title REST API: Add Firewall alias entry DELETE & PATCH using name & address instead of ID REST API: Add Firewall alias entry DELETE & POST using name & address instead of ID Jul 20, 2024
@jaredhendrickson13
Copy link
Owner

This is related to #511. Essentially the behavior of the previous /api/v1/firewall/alias/entry is no longer feasible in v2 because v2 is fully object-oriented and the address items are not objects in the config. However, a control parameter to change the behavior of PATCH requests to remove the address items given in the request instead of replacing the entire array is feasible, and can easily be added alongside the new append control parameter being added in v2.1.0.

As far the IDs, v2 will only be using the IDs used by pfSense itself going forward. Using other fields as the ID requires too much redundant processing and is too inconsistent across endpoints. For endpoints that require IDs, you can make a GET request with a query to find the object you want to interact with, and then make your PATCH or DELETE request using the id field of the object identified in the GET request. This is standard practice for RESTful APIs.

@jpdsc
Copy link
Author

jpdsc commented Jul 22, 2024

Thanks a lot for the feedback and explanation/solution on this.
I only have 1 alias for Fail2ban, so using ID is not an issue then. As long as I don't recreate the alias, it will keep the same ID.

Once v2.1.0 is available, I'll continue with the changes to the Fail2ban action.

jaredhendrickson13 added a commit that referenced this issue Jul 23, 2024
@jaredhendrickson13
feat: add 'remove' control parameter #517
2e0615e 
This control parameter allows you to control the behavior of array fields. When set to `true`, any array values submitted in your request will be removed from the existing array values instead of replacing the entire array.
@jaredhendrickson13 jaredhendrickson13 moved this from In progress to Done in pfSense REST API v2.1.0 Jul 24, 2024
@jaredhendrickson13 jaredhendrickson13 mentioned this issue Aug 27, 2024
Merged
@jaredhendrickson13 jaredhendrickson13 linked a pull request Aug 28, 2024 that will close this issue
v2.1.0 Features & Fixes #544
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backlog Issues backlogged for inclusion in future releases feature request New feature or request
Projects
No open projects
pfSense REST API v2.1.0
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

v2.1.0 Features & Fixes jaredhendrickson13/pfsense-api
2 participants
@jpdsc @jaredhendrickson13