PfSense is an open source firewall/router computer software distribution based on FreeBSD.
This document provides information about the PfSense connector, which facilitates automated interactions with a PfSense server using FortiSOAR™ playbooks. Add the PfSense connector as a step in FortiSOAR™ playbooks and perform automated operations, such as adding and deleting firewall rules from PfSense and retrieving rule information from PfSense.
Connector Version: 1.0.0
Compatibility with FortiSOAR™ Versions: 4.9.0.0-708 and later
Compatibility with PfSense Versions: 2.2 and later
In FortiSOAR™, on the Connectors page, click the PfSense connector to configure the following parameters:
Parameter | Description |
---|---|
Server URL | URL of the PfSense endpoint server to which you will connect and perform the automated operations |
Username | Root username to access the PfSense endpoint. (PfSense default: root). Note: root credentials are necessary for SSH operations in order to configure firewall rules. Admin credentials are not sufficient. |
Password | Root password to access the PfSense endpoint. (PfSense default: pfsense) |
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Add Rule | Adds a firewall rule to PfSense in order to listen to incoming and outgoing connections through your PfSense server. | add_rule Containment |
Delete Rule | Deletes a firewall rule from PfSense to remove any listeners to outer connections. | delete_rule Remediation |
Get All Rules | Retrieves details for all rules and properties from within the PfSense platform. | get_rules Investigation |
Parameter | Description |
---|---|
Rule ID | ID of the rule you want to add. Note: This ID will be needed if you choose to delete the rule in the future. |
Action | Type of action the rule that you want to add will perform. You can choose from the following options: Pass, Block, or Reject. |
Interface | Interface on which the rule that you want to add is based. For example, wan. |
Address Family | IP Protocol that is configured for the rule that you want to add. You can choose from the following options: IPv4, IPv6, or IPv4+IPv6. |
Protocol | Communication protocols that the rule you are adding will listen on. You can choose from the following options: Any, TCP, UDP, TCP/UDP, ICMP, ESP, AH, GRE, IPV6, IGMP, PIM, OSPF, SCTP, CARP, or PFSYNC. |
Source IP | Source IP of the connection. Leave it blank to listen to all sources. |
Destination IP | Destination IP of the connection. Leave it blank to listen to all destinations. |
Description | (Optional) Description for the rule you want to add. |
The JSON output contains the properties of the rule that was added to PfSense. The JSON output returns an error message if the rule cannot be added to PfSense.
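A pre-flight check for Add Rule inputs, as an added example that is not part of the connector or the sample playbooks. The dictionary keys (`rule_id`, `action`, `interface`, `address_family`, `source_ip`, `destination_ip`) are hypothetical names for the fields in the table above, and single IP addresses are assumed for the two IP fields. It rejects inputs that would produce an unintended rule, such as a Block rule with both IP fields blank.

```python
import ipaddress

# Option values copied from the Add Rule parameter table above.
ACTIONS = {"Pass", "Block", "Reject"}
FAMILIES = {"IPv4": {4}, "IPv6": {6}, "IPv4+IPv6": {4, 6}}


def check_add_rule(params):
    """Return a list of problems with a proposed Add Rule input (empty = OK)."""
    # Keys are hypothetical field names, not the connector's real ones.
    problems = []
    if not str(params.get("rule_id", "")).strip():
        problems.append("rule_id is empty; Delete Rule needs the same ID later")
    action = params.get("action")
    if action not in ACTIONS:
        problems.append(f"action {action!r} is not Pass, Block or Reject")
    if not str(params.get("interface", "")).strip():
        problems.append("interface is empty")
    family = params.get("address_family")
    allowed = FAMILIES.get(family)
    if allowed is None:
        problems.append(f"address_family {family!r} is not a listed option")
    blank = 0
    for field in ("source_ip", "destination_ip"):
        value = str(params.get(field) or "").strip()
        if not value:
            blank += 1  # blank means "all sources" / "all destinations"
            continue
        try:
            version = ipaddress.ip_address(value).version
        except ValueError:
            problems.append(f"{field} {value!r} is not a valid IP address")
            continue
        if allowed is not None and version not in allowed:
            problems.append(f"{field} is IPv{version} but family is {family}")
    if blank == 2 and action in ("Block", "Reject"):
        problems.append("both IPs blank: rule applies to all sources and destinations")
    return problems


# Constructed sample inputs (not taken from a real deployment).
GOOD = {"rule_id": "ir-1042", "action": "Block", "interface": "wan",
        "address_family": "IPv4", "source_ip": "203.0.113.45",
        "destination_ip": ""}
BAD = {"rule_id": "", "action": "Block", "interface": "wan",
       "address_family": "IPv6", "source_ip": "", "destination_ip": ""}
```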
Parameter | Description |
---|---|
Rule ID | ID of the rule that you want to delete from PfSense. This must be the same Rule ID that was assigned when the rule was created. |
The JSON output returns a Success message if the rule is successfully deleted from PfSense or an Error message containing the reason for failure.
Input parameters for Get All Rules: None.
The JSON output retrieves details for all rules and properties from within the PfSense platform.
The Sample - PfSense - 1.0.0 playbook collection comes bundled with the PfSense connector. This playbook collection contains steps that you can use to perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the PfSense connector.
Note: If you plan to use any of the sample playbooks in your environment, clone those playbooks and move them to a different collection, because the sample playbook collection is deleted when the connector is upgraded or deleted.