NN.pfSense.psm1
|
#Region './Private/Get-PfAccessToken.ps1' 0 function Get-PfAccessToken { [CmdletBinding()] param ( [string]$AccessTokenPath = "$env:USERPROFILE\.creds\pfSense\pfSenseAccessToken.xml" ) process { if (!(Test-Path $AccessTokenPath)) { New-PfAccessToken } $Cred = (Import-Clixml $AccessTokenPath).GetNetworkCredential() #Encode credentials to Base64 $Text = "$($Cred.Username):$($Cred.Password)" $Bytes = [Text.Encoding]::UTF8.GetBytes($Text) [Convert]::ToBase64String($Bytes) } } #EndRegion './Private/Get-PfAccessToken.ps1' 20 #Region './Private/Get-PfEndpoint.ps1' 0 function Get-PfEndpoint { [CmdletBinding()] param ( $EndpointPath = "$env:USERPROFILE\.creds\pfSense\pfSenseEndpoint.xml" ) process { if (!(Test-Path $EndpointPath)) { New-PfEndpoint } $Endpoint = Import-Clixml $EndpointPath [System.Runtime.InteropServices.marshal]::PtrToStringAuto([System.Runtime.InteropServices.marshal]::SecureStringToBSTR($Endpoint)) } } #EndRegion './Private/Get-PfEndpoint.ps1' 16 #Region './Public/Get-PfFirewallRules.ps1' 0 function Get-PfFirewallRules { [CmdletBinding()] param ( ) process { $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/firewall/rule" "Method" = "GET" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } } Invoke-RestMethod @Splat } } #EndRegion './Public/Get-PfFirewallRules.ps1' 20 #Region './Public/Get-PfHostname.ps1' 0 function Get-PfHostname { [CmdletBinding()] param ( ) process { $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/system/hostname" "Method" = "GET" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } } Invoke-RestMethod @Splat } } #EndRegion './Public/Get-PfHostname.ps1' 20 #Region './Public/Get-PfInterfaces.ps1' 0 function Get-PfInterfaces { [CmdletBinding()] param ( ) process { $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/interface" "Method" = "GET" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } } Invoke-RestMethod @Splat } } #EndRegion './Public/Get-PfInterfaces.ps1' 20 #Region './Public/Get-PfUsers.ps1' 0 function Get-PfUsers { [CmdletBinding()] param ( ) process { $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/user" "Method" = "GET" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } } Invoke-RestMethod @Splat } } #EndRegion './Public/Get-PfUsers.ps1' 20 #Region './Public/Invoke-PfFirewallApply.ps1' 0 function Invoke-PfFirewallApply { [CmdletBinding()] param ( [ValidateSet("true","false")][string]$async ) process { $ParameterExclusion = @() $Body = $null $PSBoundParameters.Keys.ForEach({ [string]$Key = $_ $Value = $PSBoundParameters.$key if ($ParameterExclusion -contains $Key) { return } $Body = $Body + @{ $Key = $Value } }) $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/firewall/apply" "Method" = "POST" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } "Body" = $Body | ConvertTo-Json -Depth 99 } Invoke-RestMethod @Splat } } #EndRegion './Public/Invoke-PfFirewallApply.ps1' 36 #Region './Public/Invoke-PfInterfaceApply.ps1' 0 function Invoke-PfInterfaceApply { [CmdletBinding()] param ( [ValidateSet("true","false")][string]$async ) process { $ParameterExclusion = @() $Body = $null $PSBoundParameters.Keys.ForEach({ [string]$Key = $_ $Value = $PSBoundParameters.$key if ($ParameterExclusion -contains $Key) { return } $Body = $Body + @{ $Key = $Value } }) $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/interface/apply" "Method" = "POST" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } "Body" = $Body | ConvertTo-Json -Depth 99 } Invoke-RestMethod @Splat } } #EndRegion './Public/Invoke-PfInterfaceApply.ps1' 36 #Region './Public/New-PfAccessToken.ps1' 0 function New-PfAccessToken { param ( [string]$AccessTokenPath = "$env:USERPROFILE\.creds\pfSense\pfSenseAccessToken.xml" ) process { while (!$Username) { $Username = Read-Host "Enter pfSense username" } while (!$Passwd) { $Passwd = Read-Host "Enter pfSense password" -AsSecureString } $AccessTokenDir = $AccessTokenPath.Substring(0, $AccessTokenPath.LastIndexOf('\')) if (!(Test-Path $AccessTokenDir)) { #Create parent folders of the access token file $null = New-Item -ItemType Directory $AccessTokenDir } #Create access token file New-Object PSCredential($Username,$Passwd) | Export-Clixml $AccessTokenPath } } #EndRegion './Public/New-PfAccessToken.ps1' 25 #Region './Public/New-PfEndpoint.ps1' 0 function New-PfEndpoint { [CmdletBinding()] param ( $EndpointPath = "$env:USERPROFILE\.creds\pfSense\pfSenseEndpoint.xml" ) process { #Create parent folders for the endpoint file $EndpointDir = $EndpointPath.Substring(0, $EndpointPath.lastIndexOf('\')) if (!(Test-Path $EndpointDir)) { $null = New-Item -ItemType Directory $EndpointDir } $IP = Read-Host "Enter the IP of your pfSense install (including http:// or https://)" -AsSecureString $IP | Export-Clixml $EndpointPath } } #EndRegion './Public/New-PfEndpoint.ps1' 18 #Region './Public/New-PfFirewallAlias.ps1' 0 function New-PfFirewallAlias { [CmdletBinding()] param ( [Parameter(Mandatory)][string]$name, [Parameter(Mandatory)][ValidateSet("host","network","port")][string]$type, [Parameter(Mandatory)][array]$address, [string]$descr, [array]$detail, [ValidateSet("true","false")][string]$apply ) process { $ParameterExclusion = @() $Body = $null $PSBoundParameters.Keys.ForEach({ [string]$Key = $_ $Value = $PSBoundParameters.$key if ($ParameterExclusion -contains $Key) { return } $Body = $Body + @{ $Key = $Value } }) $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/firewall/alias" "Method" = "POST" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } "Body" = $Body | ConvertTo-Json -Depth 99 } Invoke-RestMethod @Splat } } #EndRegion './Public/New-PfFirewallAlias.ps1' 41 #Region './Public/New-PfFirewallRule.ps1' 0 function New-PfFirewallRule { [CmdletBinding()] param ( [string]$ackqueue, [ValidateSet("true","false")][string]$apply, [string]$defaultqueue, [string]$descr, [string]$direction, [ValidateSet("true","false")][string]$disabled, [string]$dnpipe, [string]$dst, [string]$dstport, [ValidateSet("true","false")][string]$floating, [string]$gateway, [array]$icmptype, [array]$interface, [string]$ipprotocol, [ValidateSet("true","false")][string]$log, [string]$pdnpipe, [string]$protocol, [ValidateSet("true","false")][string]$quick, [string]$sched, [string]$src, [string]$srcport, [string]$statetype, [ValidateSet("true","false")][string]$tcpflags_any, [array]$tcpflags1, [array]$tcpflags2, [ValidateSet("true","false")][string]$top, [string]$type ) process { $ParameterExclusion = @() $Body = $null $PSBoundParameters.Keys.ForEach({ [string]$Key = $_ $Value = $PSBoundParameters.$key if ($ParameterExclusion -contains $Key) { return } $Body = $Body + @{ $Key = $Value } }) $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/firewall/rule" "Method" = "POST" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } "Body" = $Body | ConvertTo-Json -Depth 99 } Invoke-RestMethod @Splat } } #EndRegion './Public/New-PfFirewallRule.ps1' 62 #Region './Public/Remove-PfFirewallRule.ps1' 0 function Remove-PfFirewallRule { [CmdletBinding()] param ( [Parameter(Mandatory)][int]$tracker, [ValidateSet("true","false")][string]$apply ) process { $ParameterExclusion = @() $Body = $null $PSBoundParameters.Keys.ForEach({ [string]$Key = $_ $Value = $PSBoundParameters.$key if ($ParameterExclusion -contains $Key) { return } $Body = $Body + @{ $Key = $Value } }) $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/firewall/rule" "Method" = "DELETE" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } "Body" = $Body | ConvertTo-Json -Depth 99 } Invoke-RestMethod @Splat } } #EndRegion './Public/Remove-PfFirewallRule.ps1' 37 #Region './Public/Update-PfHostname.ps1' 0 function Update-PfHostname { [CmdletBinding()] param ( [string]$domain, [Parameter(Mandatory)][string]$hostname ) process { $ParameterExclusion = @() $Body = $null $PSBoundParameters.Keys.ForEach({ [string]$Key = $_ $Value = $PSBoundParameters.$key if ($ParameterExclusion -contains $Key) { return } $Body = $Body + @{ $Key = $Value } }) $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/system/hostname" "Method" = "PUT" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } "Body" = $Body | ConvertTo-Json -Depth 99 } Invoke-RestMethod @Splat } } #EndRegion './Public/Update-PfHostname.ps1' 37 #Region './Public/Update-PfInterface.ps1' 0 function Update-PfInterface { [CmdletBinding()] param ( [ValidateSet("true","false")][string]$adv_dhcp_config_advanced, [ValidateSet("true","false")][string]$adv_dhcp_config_file_override, [string]$adv_dhcp_config_file_override_file, [string]$adv_dhcp_option_modifiers, [int]$adv_dhcp_pt_backoff_cutoff, [int]$adv_dhcp_pt_initial_interval, [int]$adv_dhcp_pt_reboot, [int]$adv_dhcp_pt_retry, [int]$adv_dhcp_pt_select_timeout, [int]$adv_dhcp_pt_timeout, [string]$adv_dhcp_request_options, [string]$adv_dhcp_required_options, [string]$adv_dhcp_send_options, [string]$alias_address, [string]$alias_subnet, [ValidateSet("true","false")][string]$apply, [ValidateSet("true","false")][string]$blockbogons, [ValidateSet("true","false")][string]$blockpriv, [string]$descr, [int]$dhcpcvpt, [string]$dhcphostname, [array]$dhcprejectfrom, [ValidateSet("true","false")][string]$dhcpvlanenable, [ValidateSet("true","false")][string]$enable, [string]$gateway, [string]$gateway_6rd, [string]$gatewayv6, [Parameter(Mandatory)][string]$id, [string]$if, [string]$ipaddr, [string]$ipaddrv6, [ValidateSet("true","false")][string]$ipv6usev4iface, [string]$media, [string]$mss, [int]$mtu, [string]$prefix_6rd, [string]$prefix_6rd_v4plen, [string]$spoofmac, [int]$subnet, [string]$subnetv6, [string]$track6_interface, [int]$track6_prefix_id_hex, [string]$type, [string]$type6 ) process { #Parameters to convert with dashes $DashParameters = @( "alias_address","alias_subnet","gateway_6rd","prefix_6rd", "prefix_6rd_v4plen","track6_interface","track6_prefix_id_hex" ) $ParameterExclusion = @() $Body = $null $PSBoundParameters.Keys.ForEach({ [string]$Key = $_ $Value = $PSBoundParameters.$key if ($ParameterExclusion -contains $Key) { return } if ($DashParameters -contains $Key) { $Key = $Key -replace "_","-" } $Body = $Body + @{ $Key = $Value } }) $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/interface" "Method" = "PUT" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } "Body" = $Body | ConvertTo-Json -Depth 99 } Invoke-RestMethod @Splat } } #EndRegion './Public/Update-PfInterface.ps1' 89 #Region './Public/Update-PfUser.ps1' 0 function Update-PfUser { [CmdletBinding()] param ( [string]$authorizedkeys, [array]$cert, [string]$decr, [string][ValidateSet("true","false")]$disabled, [string]$expires, [string]$ipsecpsk, [string]$password, [array]$priv, [Parameter(Mandatory)][string]$username ) process { $ParameterExclusion = @() $Body = $null $PSBoundParameters.Keys.ForEach({ [string]$Key = $_ $Value = $PSBoundParameters.$key if ($ParameterExclusion -contains $Key) { return } $Body = $Body + @{ $Key = $Value } }) $Splat = @{ "Uri" = "$(Get-PfEndpoint)/api/v1/user" "Method" = "PUT" "Headers" = @{ "Accept" = "application/json" "Content-Type" = "application/json" "Authorization" = "Basic $(Get-PfAccessToken)" } "Body" = $Body | ConvertTo-Json -Depth 99 } Invoke-RestMethod @Splat } } #EndRegion './Public/Update-PfUser.ps1' 44 |