config_reload not working

[jullienl]

I use config_patch to change the content of an alias and it works great but the new configuration is not active in pFsense so I would like to use a config_reload request to activate my new configuration but config_reload does not work, the request is successful but the new pfsense config is not loaded.

pfsense 2.4.4.p3

I am using the following URI https://$pfsense/fauxapi/v1/?action=config_reload&__debug=true

The API request is successful as seen in the response:

StatusDescription : OK
Content           : {"callid":"5ce267915ba49","action":"config_reload","message":"ok","logs":[{"DEBUG":"20190520Z103841 :: fauxapi\\v1\\fauxApi::__call","DATA":{"user_action":"config_reload","callid":"5ce267915ba49","cli...
RawContent        : HTTP/1.1 200 OK
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    fauxapi-callid: 5ce267915ba49
                    Strict-Transport-Security: max-age=31536000
                    X-Content-Type-Options: nosniff
                    Content-Type: applicat...
Forms             : {}
Headers           : {Server, Transfer-Encoding, Content-Type, Date...}
Images            : {}
InputFields       : {}
Links             : {}
ParsedHtml        : mshtml.HTMLDocumentClass
RawContentLength  : 1302
PSComputerName    :xxxxxxxxxx

but nothing is logged in pfsense System Logs (despite the presence of debug=true, while config_patch is present) and my new config is not loaded.

Thanks for your help,

[fahadalishah0102]

Hello jullienl,

I am using the same version but i am lil bit confuse how to use this ? I have done what ever describe on web but unable to execute it properly authetication failed can you please help me out.

[jullienl]

1/ Make sure you follow what is described in https://github.com/ndejong/pfsense_fauxapi#api-authentication 2/ Make sure your API key follows the rules in credentials.ini 3/ Enable debugging by using &__debug=true to your API call so that you get logs in pFsense / Status / System Logs. Those logs is the first place to go as they provide very useful information for troubleshooting.

[jullienl]

I don't know about your Pytest issue but for the HTTP request header, it is used for the API authentication so you need to build a valid HTTP header with the requested fauxapi-auth parameter, the value of fauxapi-auth must use the following format: <apikey>:<timestamp>:<nonce>:<hash>.

Then this header must be used with your CURL request like:

curl \
    -X GET \
    --silent \
    --insecure \
    --header "fauxapi-auth: PFFA4797d073:20161119Z144328:833a45d8:9c4f96ab042f5140386178618be1ae40adc68dd9fd6b158fb82c99f3aaa2bb55" \
    "https://<host-address>/fauxapi/v1/?action=system_stats"

[ndejong]

@jullienl thanks for assisting @fahadalishah5 - I've trimmed his comments to keep this ticket focused on your issue.

The latest release https://github.com/ndejong/pfsense_fauxapi/releases/tag/v1.3_4 does pass all tests against an earlier pfSense 2.4.4 - I notice you are running p3 which is probably the first place to start looking for me.

I wonder if you are easily able to test against an "earlier" 2.4.4 to confirm? Not essential but would just be helpful to know where to start tracking this down.

[fahadalishah0102]

Thanks both of you guys appreciated :)

[jullienl]

Thanks @ndejong

I need to check if I can easily downgrade my pfsense without impacting too many things

[ndejong]

@jullienl were you able to resolve your issue here?

[jullienl]

No as I couldn’t downgrade my pfSense software

[jullienl]

Has this API issue been resolved in 2.4.5 or 2.5.0 ? I cannot find any fix reference in the Release Notes

[fahadalishah0102]

I didn't check on it updated version and the project was also closed so i didn't check it further.

[ndejong]

@jullienl looking at your report again, FauxAPI was updated recently to v1.4 which may not (yet) address this issue.

Re-reading the description of the issue you have I'm wondering if what you are describing is that after the confg_reload your services have not picked up the new configuration(s) - is this the case or are you experiencing something else? The reason I ask is that there is a good chance an appropriate send_event will resolve this which might make sense to add into the config_reload by default

I know it's been a while but if you are still able to check it out and report back that would be awesome

[jullienl]

Yes this the case, my services did not pick up the new configuration while the API config_reload call was successful. Sadly I ended using a system reboot to active the new config:

# Reload the pfsense config to validate the patch config change   --- NOT WORKING !!!!
# $response = Invoke-WebRequest -Uri "https://$pfsense/fauxapi/v1/?action=config_reload&__debug=true" -Headers $headers -Method GET 

# Restarting pfsense instead to activate the new config
$response = Invoke-WebRequest -Uri "https://$pfsense/fauxapi/v1/?action=system_reboot&__debug=true" -Headers $headers -Method GET 

[Cliftonz]

I am having the same issue too. Is there an eta on this fix?

[akopylov-rdv]

@ndejong @jullienl Hello! I have the same problem, using python pkg: pfsense-fauxapi:

pfs_config = api.config_get()
# Add new acl rule to forwarding backend in haproxy config
new_acl_item = {...}
pfs_config["installedpackages"]["haproxy"]["ha_backends"]["item"][0]["ha_acls"]["item"].insert(0, new_acl_item)
api.config_set(pfs_config)

Tried to envoke

api.config_reload()
api.send_event("service restart haproxy")

It doesn't help. New configuration starts to work only if I go to Pfsense UI Services / HAProxy / Frontends and click "Save" configuration and apply it. Is any way to replay this actions with programming? Will you fix this problem?