search

ndejong / pfsense_fauxapi

REST based API interface for pfSense 2.3.x and 2.4.x to facilitate devops
Apache License 2.0
354 stars 61 forks source link

API KEY & API STRING Creation #45

Closed fahadalishah0102 closed 5 years ago

fahadalishah0102 commented 5 years ago

Hi, I am facing some confusion regarding this play how to create API string i am trying to sync this firewall with 3rd party tool.

Here is my Credentials. ini file config.

;; PFFAexample01 is hardcoded to be inoperative [PFFAfahad09800552] secret = 8897562242abcdefghijklmnopqrtsuvwxyz09812345 permit = alias, config, gateway, rule, send, system, function_* comment = PFFAfahad09800552 - hardcoded to be inoperative

How i can check this one working? What is the roll of Python in it? What next configuration i need to do after this? How this API string create in below format?

fauxapi-auth: PFFA4797d073:20161119Z144328:833a45d8:9c4f96ab042f5140386178618be1ae40adc68dd9fd6b158fb82c99f3aaa2bb55

Is this example Auth ??

fahadalishah0102 commented 5 years ago

How do i create my own FauxAPI-Auth like below:

fauxapi-auth: PFFA4797d073:20161119Z144328:833a45d8:9c4f96ab042f5140386178618be1ae40adc68dd9fd6b158fb82c99f3aaa2bb55

ndejong commented 5 years ago

Documentation on authentication is available here - let us know how it goes https://github.com/ndejong/pfsense_fauxapi/blob/master/README.md#api-authentication

fahadalishah0102 commented 5 years ago

Dude i am little bit confuse here

Please guide me step by step what i do next here i am describing you what i have done it.

1- I have install fauxAPI on my server 2- Then i go to /etc/fauxapi directory. 3- i have created new credentials.ini file on this directory and paste the sample format on new file but i have entered my own secret and my own apikey like below

PFFAfahad09800552] secret = 8897562242abcdefghijklmnopqrtsuvwxyz09812345 permit = alias, config, gateway, rule, send, system, function_* comment = PFFAfahad09800552 - hardcoded to be inoperative

Then i saved it and close this file

Now i am confused what i do next step i see the many sytanxes below like

On which directory i can paste these syntax's any file location

curl \ -X GET \ --silent \ --insecure \ --header "fauxapi-auth: " \ "https:///fauxapi/v1/?action=

Secondly how do i put the values of fauxapi- auth

Secret: Timestamp: Nonce Hash

On which directory i can define above values and also please confirm these values will be define my own or i exactly pasted the values as define on example like this

PFFA4797d073:20161119Z144328:833a45d8:9c4f96ab042f5140386178618be1ae40adc68dd9fd6b158fb82c99f3aaa2bb5

I am new with this system due to this i am little bit confused here if you guide me step by step i will be very thankful to you.

fahadalishah0102 commented 5 years ago

Hi, How are you..

When i am running clog i am receiving error below:

[2.4.4-RELEASE][admin@pfSense.localdomain]/: clog /var/log/system.log | grep fauxapi May 20 04:46:30 pfSense php-fpm[339]: {"ERROR":"20190520Z044630 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 04:46:30 pfSense php-fpm[339]: {"ERROR":"20190520Z044630 :: authentication failed","source":"fauxapi"} May 20 13:31:25 pfSense php-fpm[13420]: {"ERROR":"20190520Z133125 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 13:31:25 pfSense php-fpm[13420]: {"ERROR":"20190520Z133125 :: authentication failed","source":"fauxapi"} May 20 13:32:48 pfSense php-fpm[13420]: {"ERROR":"20190520Z133248 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 13:32:48 pfSense php-fpm[13420]: {"ERROR":"20190520Z133248 :: authentication failed","source":"fauxapi"} May 20 13:38:43 pfSense php-fpm[94517]: {"ERROR":"20190520Z133843 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 13:38:43 pfSense php-fpm[94517]: {"ERROR":"20190520Z133843 :: authentication failed","source":"fauxapi"} May 20 15:48:48 pfSense php-fpm[94517]: {"ERROR":"20190520Z154848 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 15:48:48 pfSense php-fpm[94517]: {"ERROR":"20190520Z154848 :: authentication failed","source":"fauxapi"} May 20 17:32:38 pfSense php-fpm[94517]: {"ERROR":"20190520Z173238 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 17:32:38 pfSense php-fpm[94517]: {"ERROR":"20190520Z173238 :: authentication failed","source":"fauxapi"} May 20 18:04:03 pfSense php-fpm[94517]: {"ERROR":"20190520Z180403 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 18:04:03 pfSense php-fpm[94517]: {"ERROR":"20190520Z180403 :: authentication failed","source":"fauxapi"} May 20 18:04:04 pfSense php-fpm[13420]: {"ERROR":"20190520Z180404 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 18:04:04 pfSense php-fpm[13420]: {"ERROR":"20190520Z180404 :: authentication failed","source":"fauxapi"} May 20 18:04:05 pfSense php-fpm[94517]: {"ERROR":"20190520Z180405 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 18:04:05 pfSense php-fpm[94517]: {"ERROR":"20190520Z180405 :: authentication failed","source":"fauxapi"} May 20 18:04:06 pfSense php-fpm[13420]: {"ERROR":"20190520Z180406 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 18:04:06 pfSense php-fpm[13420]: {"ERROR":"20190520Z180406 :: authentication failed","source":"fauxapi"} May 20 18:45:21 pfSense php-fpm[13420]: {"ERROR":"20190520Z184521 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 18:45:21 pfSense php-fpm[13420]: {"ERROR":"20190520Z184521 :: authentication failed","source":"fauxapi"} May 20 19:44:58 pfSense php-fpm[13420]: {"ERROR":"20190520Z194458 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 19:44:58 pfSense php-fpm[13420]: {"ERROR":"20190520Z194458 :: authentication failed","source":"fauxapi"} May 20 19:54:56 pfSense php-fpm[13420]: {"ERROR":"20190520Z195456 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 19:54:56 pfSense php-fpm[13420]: {"ERROR":"20190520Z195456 :: authentication failed","source":"fauxapi"} May 20 20:07:08 pfSense php-fpm[94517]: {"ERROR":"20190520Z200708 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 20:07:08 pfSense php-fpm[94517]: {"ERROR":"20190520Z200708 :: authentication failed","source":"fauxapi"} May 20 20:07:13 pfSense php-fpm[94517]: {"ERROR":"20190520Z200713 :: request missing FAUXAPI_AUTH header value","source":"fauxapi"} May 20 20:07:13 pfSense php-fpm[94517]: {"ERROR":"20190520Z200713 :: authentication failed","source":"fauxapi"} May 20 20:08:07 pfSense php-fpm[94517]: {"ERROR":"20190520Z200807 :: apikey not defined in credential file","DATA":{"apikey":"PFFAsybrid098005","filename":"\/etc\/fauxapi\/credentials.ini"},"source":"fauxapi"} May 20 20:08:07 pfSense php-fpm[94517]: {"ERROR":"20190520Z200807 :: authentication failed","source":"fauxapi"} May 20 20:08:15 pfSense php-fpm[94517]: {"ERROR":"20190520Z200815 :: apikey not defined in credential file","DATA":{"apikey":"PFFAsybrid098005","filename":"\/etc\/fauxapi\/credentials.ini"},"source":"fauxapi"} May 20 20:08:15 pfSense php-fpm[94517]: {"ERROR":"20190520Z200815 :: authentication failed","source":"fauxapi"} May 20 20:08:38 pfSense php-fpm[94517]: {"ERROR":"20190520Z200838 :: apikey not defined in credential file","DATA":{"apikey":"PFFAsybrid098005","filename":"\/etc\/fauxapi\/credentials.ini"},"source":"fauxapi"} May 20 20:08:38 pfSense php-fpm[94517]: {"ERROR":"20190520Z200838 :: authentication failed","source":"fauxapi"}

What i am missing on it? Please help!!!!

ndejong commented 5 years ago

Hi @fahadalishah5

Following up on this - looking at the config snippet you have provided it appears you have several problems, I'll step through them for you line by line below - it is in standard .ini format.

You stated that you are working with this configuration:

PFFAfahad09800552]
secret = 8897562242abcdefghijklmnopqrtsuvwxyz09812345
permit = alias_, config_, gateway_, rule_, send_, system_, function_*
comment = PFFAfahad09800552 - hardcoded to be inoperative

The first line needs to start with a [ that seems to be missing - the .ini configuration-parser will not correctly handle your config otherwise:

PFFAfahad09800552]

The second line looks okay:

secret = 8897562242abcdefghijklmnopqrtsuvwxyz09812345

The third line you appear to have adjusted the permit rules by removing the * wildcards at the end of the permit names, I would recommend you simply replace this whole line with permit = * to start with while you are figuring everything out.

permit = alias_, config_, gateway_, rule_, send_, system_, function_*

The comment line is inert so this should be fine too:

comment = PFFAfahad09800552 - hardcoded to be inoperative

If you have having trouble this this, I'd suggest you consider using the pfsense-fauxapi Python pip module that you can easily install and will provide you with (a) a remote cli interface to your pfsense hosts and a Python api interface, you can install it as so:

pip3 install pfsense-fauxapi

Read more about pfsense-fauxapi here: https://github.com/ndejong/pfsense_fauxapi_client_python

fahadalishah0102 commented 5 years ago

Thanks Man it's working :)

Get Outlook for Androidhttps://aka.ms/ghei36

From: Nicholas de Jong notifications@github.com Sent: Wednesday, May 29, 2019 9:37:44 AM To: ndejong/pfsense_fauxapi Cc: fahadalishah5; Mention Subject: Re: [ndejong/pfsense_fauxapi] API KEY & API STRING Creation (#45)

Closed #45https://github.com/ndejong/pfsense_fauxapi/issues/45.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/ndejong/pfsense_fauxapi/issues/45?email_source=notifications&email_token=AMCK2NKHTYF3MIUMZQKL6WDPXYCBRA5CNFSM4HNXAX2KYY3PNVWWK3TUL52HS4DFWZEXG43VMVCXMZLOORHG65DJMZUWGYLUNFXW5KTDN5WW2ZLOORPWSZGORV64TQY#event-2373831107, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AMCK2NJP3UL7C6ZCV54KK7DPXYCBRANCNFSM4HNXAX2A.