Firewall/alias, extend /api/firewall/alias_util/ alias to support instant address additions and deletions, saved to config when applicable.

-- /api/firewall/alias_util/add/[alias] -- /api/firewall/alias_util/delete/[alias] both accepting address as parameter, sample usage added to the pfTables diagnostic page
2026-03-14 00:24:40 +00:00 · 2018-10-02 21:46:16 +02:00 · 2018-10-02 21:46:16 +02:00 · e8908f4a32
commit e8908f4a32
parent 651bccc47f
3 changed files with 82 additions and 11 deletions
--- a/src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/AliasUtilController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/AliasUtilController.php
@ -162,6 +162,8 @@ class AliasUtilController extends ApiControllerBase
                    $cnfAlias->content = implode("\n", $items);
                    $this->getModel()->serializeToConfig();
                    Config::getInstance()->save();
+                    // flush to disk,
+                    (new Backend())->configdRun('template reload OPNsense/Filter');
                }
            }

@ -173,4 +175,43 @@ class AliasUtilController extends ApiControllerBase
            return array("status" => "failed");
        }
    }
+
+    /**
+     * add item to alias table
+     * @param string $alias name
+     * @return array status
+     */
+    public function addAction($alias)
+    {
+        if ($this->request->isPost() && $this->request->hasPost("address")) {
+            $address = $this->request->getPost("address");
+            if (preg_match("/[^0-9a-f\:\.\/_]/", $address)) {
+                return array("status" => "not_an_address");
+            }
+            $cnfAlias = $this->getAlias($alias);
+            if ($cnfAlias !== null && in_array($cnfAlias->type, array('host', 'network'))) {
+                // update local administration, add address when not found for static types
+                $items = explode("\n", $cnfAlias->content);
+                if (strpos($address, "/") === false) {
+                    // add mask
+                    $address .= "/" . (strpos($address, ":") ? '128' : '32');
+                }
+                if (!array_search($address, $items)) {
+                    $items[] = $address;
+                    $cnfAlias->content = implode("\n", $items);
+                    $this->getModel()->serializeToConfig();
+                    Config::getInstance()->save();
+                    // flush to disk,
+                    (new Backend())->configdRun('template reload OPNsense/Filter');
+                }
+            }
+
+            $this->sessionClose();
+            $backend = new Backend();
+            $backend->configdpRun("filter add table", array($alias, $address));
+            return array("status" => "done");
+        } else {
+            return array("status" => "failed");
+        }
+    }
 }
--- a/src/opnsense/mvc/app/views/OPNsense/Firewall/alias_util.volt
+++ b/src/opnsense/mvc/app/views/OPNsense/Firewall/alias_util.volt
@ -69,6 +69,14 @@
          });
        });

+        $("#btn_quick_add").click(function(){
+            ajaxCall("/api/firewall/alias_util/add/"+$('#tablename').val(),{'address':$("#quick_add").val()},function(){
+                $("#quick_add").val("");
+                $('#tablename').change();
+            });
+
+        });
+
        // update bogons
        $("#update_bogons").click(function(event){
            event.preventDefault()
@ -90,17 +98,33 @@
    <div class="container-fluid">
        <div class="row">
            <section class="col-xs-12">
-                    <select id="tablename" class="selectpicker" data-width="auto" data-live-search="true">
-                    </select>
-                    <button class="btn btn-default" id="refresh">
-                        <i class="fa fa-refresh" aria-hidden="true"></i>
-                    </button>
-                    <button class="btn btn-default" id="flushtable">
-                        {{ lang._('Flush') }}
-                    </button>
-                    <button class="btn btn-default pull-right" id="update_bogons"><i id="update_bogons_progress" class=""></i>
-                      {{ lang._('Update bogons') }}
-                    </button>
+                <div class="row">
+                  <div class="col-xs-4">
+                      <select id="tablename" class="selectpicker" data-width="auto" data-live-search="true">
+                      </select>
+                      <button class="btn btn-default" id="refresh">
+                          <i class="fa fa-refresh" aria-hidden="true"></i>
+                      </button>
+                      <button class="btn btn-default" id="flushtable">
+                          {{ lang._('Flush') }}
+                      </button>
+                  </div>
+                  <div class="col-xs-4">
+                    <div class="input-group">
+                      <span class="input-group-btn">
+                        <button class="btn btn-default" type="button" id="btn_quick_add">
+                            <i class="fa fa-plus" aria-hidden="true"></i>
+                        </button>
+                      </span>
+                      <input type="text" class="form-control" id="quick_add" placeholder="{{ lang._('Quick add address') }}">
+                    </div>
+                  </div>
+                  <div class="col-xs-4">
+                      <button class="btn btn-default pull-right" id="update_bogons"><i id="update_bogons_progress" class=""></i>
+                        {{ lang._('Update bogons') }}
+                      </button>
+                  </div>
+                </div>
            </section>
            <section class="col-xs-12">
                <div class="content-box">
--- a/src/opnsense/service/conf/actions.d/actions_filter.conf
+++ b/src/opnsense/service/conf/actions.d/actions_filter.conf
@ -65,6 +65,12 @@ parameters: %s %s
 type:script
 message:delete entry from pf table ( %s / %s )

+[add.table]
+command:/sbin/pfctl
+parameters: -t %s -T add %s
+type:script
+message:add entry to pf table ( %s / %s )
+
 [update.bogons]
 command:/usr/local/etc/rc.update_bogons
 parameters: