module_utils/pfsense.py:PFSenseModule.php JSONDecodeError: Expecting value: line 1 column 1 (char 0)

[NeonixRIT]

Using openstack and ansible 2.10.8 to deploy and configure some pfsense 2.6.0 instances. It seems self.module.run_command('/usr/local/bin/php', data=cmd) has .. added to the beginning of stdout causing JSONDecoder to throw an error when trying to parse the returned json string from php. I fixed this by changing the php function to the following.

    def php(self, command):
        """ Run a command in php and return the output """
        cmd = '<?php\n'
        cmd += command
        cmd += '\n?>\n'
        (dummy, stdout, stderr) = self.module.run_command('/usr/local/bin/php', data=cmd)
        start_of_json = stdout.index('{')
        end_of_json = stdout.rindex('}') + 1
        # TODO: check stderr for errors
        return json.loads(stdout[start_of_json:end_of_json])

[opoplawski]

A reproducer would be nice, but I'll also note that anible 2.10 went EOL on 23 May 2022. How do you use openstack to deploy pfsense?

[NeonixRIT]

I have an UbuntuJammy2204 VM setup on Openstack with internet access, running python 3.10.12 with ansible installed. I also have the python-openstackclient python module installed via pip. To deploy the pfsense VM I use this task.

In an example environment I have two networks local_1: 192.168.1.0/24 remote_1: 10.0.1.0/24 each having their own ID as defined in openstack.

- name: "Create pfSense instance - {{ router.key }}_pfsense"
  host: localhost
  command: >
    openstack server create
    --flavor {{ router.value.flavor }}
    --image {{ router.value.image }}
    --boot-from-volume {{ router.value.image_size }}
    --nic net-id={{ local_1.net_id }},v4-fixed-ip="192.168.1.1"
    --nic net-id={{ remote_1.net_id }},v4-fixed-ip="10.0.1.1"
    --key-name {{ ansible_control_key_name }}
    {{ router.key }}_pfsense
  ignore_errors: yes

ansible_control_key_name is the name of ssh public key stored in openstack of the UbuntuJammy2204 VM I am running the ansible on to deploy the VMs from. the router var is in this structure:

      team_1_main:
        image: PFsense-2.6.0-Cloudinit
        image_size: 40
        flavor: medium
        connections:
          local_1:
            address: 192.168.1.1
            control: 192.168.1.250
          remote_1:
            address: 10.0.1.254

I then create an openstack port from the UbuntuJammy2204 VM to local_1 so I have access to one of the router's interfaces. This creates a new NIC interface on UbuntuJammy2204 VM, assigning it the control address on the local_1 network.

Then with a very bare test config like:

pfsenses:
  team_1_main_pfsense: {
    interfaces: {
      WAN:                { ip: 10.0.1.254/24 },
      LAN:                 { ip: 192.168.1.1/24 }
    }
  }

rules:
  options: { log: yes }

  ALLOW_ALL:
    allow_all:              { src: any,             dst: any,                 protocol: any,      action: pass }

hosts_aliases:
  internet:             { ip: 0.0.0.0/0 }

ports_aliases:
  admin_ports:          { port: 22 80 443 }

running the examples/lookup/setup_all_rules.yaml playbook to setup firewall rules is where the fatal error occurs. Note, i am not using connection: paramiko. Error still occurs if I use it though.

my inventory.ini being:

[pfsense]
team_1_main_pfsense ansible_ssh_host=192.168.1.1

[pfsense:vars]
ansible_ssh_user=admin
ansible_ssh_password=pfsense
ansible_ssh_port=22
ansible_ssh_common_args='-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'
ansible_python_interpreter=/usr/local/bin/python3.8

and ansible.cfg being:

[defaults]

inventory = ./inventory.ini
collections_paths = ./collections/

The php that is run that causes the error is:

<?php
require_once("/etc/inc/interfaces.inc");
$portlist = get_interface_list();
$lagglist = get_lagg_interface_list();
$portlist = array_merge($portlist, $lagglist);
foreach ($lagglist as $laggif => $lagg) {    
    $laggmembers = explode(',', $lagg['members']);
    foreach ($laggmembers as $lagm)        
        if (isset($portlist[$lagm])) unset($portlist[$lagm]);
}
$list = array();
foreach ($portlist as $ifn => $ifinfo) {  
    $list[$ifn] = $ifn . " (\" . $ifinfo[\"mac\"] . \")";
    $iface = convert_real_interface_to_friendly_interface_name($ifn);
    if (isset($iface) && strlen($iface) > 0) $list[$ifn] .= " - $iface";
}
echo json_encode($list);
?>

stdout is

..{\"vtnet0\":\"vtnet0 (fa:16:3e:d5:fb:fd) - wan\",\"vtnet1\":\"vtnet1 (fa:16:3e:cd:52:c2) - lan\"}

stderr is (sorry for formatting)

Traceback (most recent call last):\r\n  File \"/root/.ansible/tmp/ansible-tmp-1707320150.650548-145558-145929973344656/AnsiballZ_pfsense_aggregate.py\", line 102, in <module>\r\n    _ansiballz_main()\r\n  File \"/root/.ansible/tmp/ansible-tmp-1707320150.650548-145558-145929973344656/AnsiballZ_pfsense_aggregate.py\", line 94, in _ansiballz_main\r\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n  File \"/root/.ansible/tmp/ansible-tmp-1707320150.650548-145558-145929973344656/AnsiballZ_pfsense_aggregate.py\", line 40, in invoke_module\r\n    runpy.run_module(mod_name='ansible_collections.pfsensible.core.plugins.modules.pfsense_aggregate', init_globals=None, run_name='__main__', alter_sys=True)\r\n  File \"/usr/local/lib/python3.8/runpy.py\", line 207, in run_module\r\n    return _run_module_code(code, init_globals, run_name, mod_spec)\r\n  File \"/usr/local/lib/python3.8/runpy.py\", line 97, in _run_module_code\r\n    _run_code(code, mod_globals, init_globals,\r\n  File \"/usr/local/lib/python3.8/runpy.py\", line 87, in _run_code\r\n    exec(code, run_globals)\r\n  File \"/tmp/ansible_pfsensible.core.pfsense_aggregate_payload_tip17utb/ansible_pfsensible.core.pfsense_aggregate_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_aggregate.py\", line 1143, in <module>\r\n  File \"/tmp/ansible_pfsensible.core.pfsense_aggregate_payload_tip17utb/ansible_pfsensible.core.pfsense_aggregate_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_aggregate.py\", line 1128, in main\r\n  File \"/tmp/ansible_pfsensible.core.pfsense_aggregate_payload_tip17utb/ansible_pfsensible.core.pfsense_aggregate_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_aggregate.py\", line 644, in __init__\r\n  File \"/tmp/ansible_pfsensible.core.pfsense_aggregate_payload_tip17utb/ansible_pfsensible.core.pfsense_aggregate_payload.zip/ansible_collections/pfsensible/core/plugins/module_utils/vlan.py\", line 73, in __init__\r\n  File \"/tmp/ansible_pfsensible.core.pfsense_aggregate_payload_tip17utb/ansible_pfsensible.core.pfsense_aggregate_payload.zip/ansible_collections/pfsensible/core/plugins/module_utils/pfsense.py\", line 659, in php\r\n  File \"/usr/local/lib/python3.8/json/__init__.py\", line 357, in loads\r\n    return _default_decoder.decode(s)\r\n  File \"/usr/local/lib/python3.8/json/decoder.py\", line 337, in decode\r\n    obj, end = self.raw_decode(s, idx=_w(s, 0).end())\r\n  File \"/usr/local/lib/python3.8/json/decoder.py\", line 355, in raw_decode\r\n    raise JSONDecodeError(\"Expecting value\", s, err.value) from None\r\njson.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)\r\n

[NeonixRIT]

here is php --info output on the pfsense 2.6.0 vm. Let me know if there is any other information that could help.

phpinfo()
PHP Version => 7.4.26

System => FreeBSD pfSense.home.arpa 12.3-STABLE FreeBSD 12.3-STABLE RELENG_2_6_0-n226742-1285d6d205f pfSense amd64
Build Date => Jan 12 2022 15:25:06
Configure Command =>  './configure'  '--with-layout=GNU' '--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all' '--with-libxml' '--with-password-argon2=/usr/local' '--program-prefix=' '--enable-fd-setsize=3172' '--enable-mysqlnd' '--enable-fpm' '--with-fpm-user=www' '--with-fpm-group=www' '--enable-embed' '--enable-dtrace' '--prefix=/usr/local' '--localstatedir=/var' '--mandir=/usr/local/man' '--infodir=/usr/local/share/info/' '--build=amd64-portbld-freebsd12.3' 'build_alias=amd64-portbld-freebsd12.3' 'PKG_CONFIG=pkgconf' 'CFLAGS=-O2 -pipe -fstack-protector-strong -fno-strict-aliasing ' 'CPP=cpp' 'CXXFLAGS=-O2 -pipe -fstack-protector-strong -fno-strict-aliasing '
Server API => Command Line Interface
Virtual Directory Support => disabled
Configuration File (php.ini) Path => /usr/local/etc
Loaded Configuration File => /usr/local/etc/php.ini
Scan this dir for additional .ini files => /usr/local/etc/php
Additional .ini files parsed => /usr/local/etc/php/ext-10-opcache.ini,
/usr/local/etc/php/ext-18-session.ini,
/usr/local/etc/php/ext-20-bcmath.ini,
/usr/local/etc/php/ext-20-bz2.ini,
/usr/local/etc/php/ext-20-ctype.ini,
/usr/local/etc/php/ext-20-curl.ini,
/usr/local/etc/php/ext-20-dom.ini,
/usr/local/etc/php/ext-20-filter.ini,
/usr/local/etc/php/ext-20-gettext.ini,
/usr/local/etc/php/ext-20-intl.ini,
/usr/local/etc/php/ext-20-json.ini,
/usr/local/etc/php/ext-20-ldap.ini,
/usr/local/etc/php/ext-20-mbstring.ini,
/usr/local/etc/php/ext-20-mcrypt.ini,
/usr/local/etc/php/ext-20-openssl.ini,
/usr/local/etc/php/ext-20-pcntl.ini,
/usr/local/etc/php/ext-20-pdo.ini,
/usr/local/etc/php/ext-20-pfSense.ini,
/usr/local/etc/php/ext-20-posix.ini,
/usr/local/etc/php/ext-20-radius.ini,
/usr/local/etc/php/ext-20-readline.ini,
/usr/local/etc/php/ext-20-rrd.ini,
/usr/local/etc/php/ext-20-shmop.ini,
/usr/local/etc/php/ext-20-simplexml.ini,
/usr/local/etc/php/ext-20-sockets.ini,
/usr/local/etc/php/ext-20-sqlite3.ini,
/usr/local/etc/php/ext-20-sysvmsg.ini,
/usr/local/etc/php/ext-20-sysvsem.ini,
/usr/local/etc/php/ext-20-sysvshm.ini,
/usr/local/etc/php/ext-20-tokenizer.ini,
/usr/local/etc/php/ext-20-xml.ini,
/usr/local/etc/php/ext-20-xmlwriter.ini,
/usr/local/etc/php/ext-20-zlib.ini,
/usr/local/etc/php/ext-30-pdo_sqlite.ini,
/usr/local/etc/php/ext-30-xmlreader.ini

PHP API => 20190902
PHP Extension => 20190902
Zend Extension => 320190902
Zend Extension Build => API320190902,NTS
PHP Extension Build => API20190902,NTS
Debug Build => no
Thread Safety => disabled
Zend Signal Handling => enabled
Zend Memory Manager => enabled
Zend Multibyte Support => provided by mbstring
IPv6 Support => enabled
DTrace Support => available, disabled

Registered PHP Streams => php, file, glob, data, http, ftp, compress.bzip2, https, ftps, compress.zlib
Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3
Registered Stream Filters => string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, dechunk, bzip2.*, mcrypt.*, mdecrypt.*, zlib.*

This program makes use of the Zend Scripting Language Engine:
Zend Engine v3.4.0, Copyright (c) Zend Technologies
    with Zend OPcache v7.4.26, Copyright (c), by Zend Technologies

 _______________________________________________________________________

Configuration

bcmath

BCMath support => enabled

Directive => Local Value => Master Value
bcmath.scale => 0 => 0

bz2

BZip2 Support => Enabled
Stream Wrapper support => compress.bzip2://
Stream Filter support => bzip2.decompress, bzip2.compress
BZip2 Version => 1.0.8, 13-Jul-2019

Core

PHP Version => 7.4.26

Directive => Local Value => Master Value
allow_url_fopen => On => On
allow_url_include => Off => Off
arg_separator.input => & => &
arg_separator.output => & => &
auto_append_file => no value => no value
auto_globals_jit => On => On
auto_prepend_file => no value => no value
browscap => no value => no value
default_charset => UTF-8 => UTF-8
default_mimetype => text/html => text/html
disable_classes => no value => no value
disable_functions => no value => no value
display_errors => STDOUT => STDOUT
display_startup_errors => On => On
doc_root => no value => no value
docref_ext => no value => no value
docref_root => no value => no value
enable_dl => On => On
enable_post_data_reading => On => On
error_append_string => no value => no value
error_log => /tmp/PHP_errors.log => /tmp/PHP_errors.log
error_prepend_string => no value => no value
error_reporting => 5 => 5
expose_php => Off => Off
extension_dir => /usr/local/lib/php/20190902/ => /usr/local/lib/php/20190902/
file_uploads => On => On
hard_timeout => 2 => 2
highlight.comment => <font style="color: #FF8000">#FF8000</font> => <font style="color: #FF8000">#FF8000</font>
highlight.default => <font style="color: #0000BB">#0000BB</font> => <font style="color: #0000BB">#0000BB</font>
highlight.html => <font style="color: #000000">#000000</font> => <font style="color: #000000">#000000</font>
highlight.keyword => <font style="color: #007700">#007700</font> => <font style="color: #007700">#007700</font>
highlight.string => <font style="color: #DD0000">#DD0000</font> => <font style="color: #DD0000">#DD0000</font>
html_errors => Off => Off
ignore_repeated_errors => Off => Off
ignore_repeated_source => Off => Off
ignore_user_abort => Off => Off
implicit_flush => On => On
include_path => .:/etc/inc:/usr/local/pfSense/include:/usr/local/pfSense/include/www:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/www/classes:/usr/local/www/classes/Form:/usr/local/share/pear:/usr/local/share/openssl_x509_crl/ => .:/etc/inc:/usr/local/pfSense/include:/usr/local/pfSense/include/www:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/www/classes:/usr/local/www/classes/Form:/usr/local/share/pear:/usr/local/share/openssl_x509_crl/
input_encoding => no value => no value
internal_encoding => no value => no value
log_errors => On => On
log_errors_max_len => 1024 => 1024
mail.add_x_header => Off => Off
mail.force_extra_parameters => no value => no value
mail.log => no value => no value
max_execution_time => 0 => 0
max_file_uploads => 20 => 20
max_input_nesting_level => 64 => 64
max_input_time => -1 => -1
max_input_vars => 5000 => 5000
memory_limit => 128M => 128M
open_basedir => no value => no value
output_buffering => 0 => 0
output_encoding => no value => no value
output_handler => no value => no value
post_max_size => 200M => 200M
precision => 14 => 14
realpath_cache_size => 4096K => 4096K
realpath_cache_ttl => 120 => 120
register_argc_argv => On => On
report_memleaks => On => On
report_zend_debug => Off => Off
request_order => no value => no value
sendmail_from => no value => no value
sendmail_path => /usr/sbin/sendmail -t -i => /usr/sbin/sendmail -t -i
serialize_precision => -1 => -1
short_open_tag => On => On
SMTP => localhost => localhost
smtp_port => 25 => 25
sys_temp_dir => no value => no value
syslog.facility => LOG_USER => LOG_USER
syslog.filter => no-ctrl => no-ctrl
syslog.ident => php => php
track_errors => Off => Off
unserialize_callback_func => no value => no value
upload_max_filesize => 200M => 200M
upload_tmp_dir => /tmp => /tmp
user_dir => no value => no value
user_ini.cache_ttl => 300 => 300
user_ini.filename => .user.ini => .user.ini
variables_order => GPCS => GPCS
xmlrpc_error_number => 0 => 0
xmlrpc_errors => Off => Off
zend.assertions => 1 => 1
zend.detect_unicode => On => On
zend.enable_gc => On => On
zend.exception_ignore_args => Off => Off
zend.multibyte => Off => Off
zend.script_encoding => no value => no value
zend.signal_check => Off => Off

ctype

ctype functions => enabled

curl

cURL support => enabled
cURL Information => 7.80.0
Age => 9
Features
AsynchDNS => Yes
CharConv => No
Debug => No
GSS-Negotiate => No
IDN => No
IPv6 => Yes
krb4 => No
Largefile => Yes
libz => Yes
NTLM => Yes
NTLMWB => Yes
SPNEGO => Yes
SSL => Yes
SSPI => No
TLS-SRP => Yes
HTTP2 => Yes
GSSAPI => Yes
KERBEROS5 => Yes
UNIX_SOCKETS => Yes
PSL => No
HTTPS_PROXY => Yes
MULTI_SSL => No
BROTLI => No
Protocols => dict, file, ftp, ftps, gopher, gophers, http, https, imap, imaps, pop3, pop3s, rtsp, scp, sftp, smtp, smtps, telnet, tftp
Host => amd64-portbld-freebsd12.3
SSL Version => OpenSSL/1.1.1l
ZLib Version => 1.2.11
libSSH Version => libssh2/1.9.0

Directive => Local Value => Master Value
curl.cainfo => no value => no value

date

date/time support => enabled
timelib version => 2018.04
"Olson" Timezone Database Version => 2021.3
Timezone Database => internal
Default timezone => Etc/UTC

Directive => Local Value => Master Value
date.default_latitude => 31.7667 => 31.7667
date.default_longitude => 35.2333 => 35.2333
date.sunrise_zenith => 90.583333 => 90.583333
date.sunset_zenith => 90.583333 => 90.583333
date.timezone => Etc/UTC => Etc/UTC

dom

DOM/XML => enabled
DOM/XML API Version => 20031129
libxml Version => 2.9.12
HTML Support => enabled
XPath Support => enabled
XPointer Support => enabled
Schema Support => enabled
RelaxNG Support => enabled

filter

Input Validation and Filtering => enabled

Directive => Local Value => Master Value
filter.default => unsafe_raw => unsafe_raw
filter.default_flags => no value => no value

gettext

GetText Support => enabled

hash

hash support => enabled
Hashing Engines => md2 md4 md5 sha1 sha224 sha256 sha384 sha512/224 sha512/256 sha512 sha3-224 sha3-256 sha3-384 sha3-512 ripemd128 ripemd160 ripemd256 ripemd320 whirlpool tiger128,3 tiger160,3 tiger192,3 tiger128,4 tiger160,4 tiger192,4 snefru snefru256 gost gost-crypto adler32 crc32 crc32b crc32c fnv132 fnv1a32 fnv164 fnv1a64 joaat haval128,3 haval160,3 haval192,3 haval224,3 haval256,3 haval128,4 haval160,4 haval192,4 haval224,4 haval256,4 haval128,5 haval160,5 haval192,5 haval224,5 haval256,5 

intl

Internationalization support => enabled
ICU version => 70.1
ICU Data version => 70.1
ICU TZData version => 2021a3
ICU Unicode version => 14.0

Directive => Local Value => Master Value
intl.default_locale => no value => no value
intl.error_level => 0 => 0
intl.use_exceptions => 0 => 0

json

json support => enabled

ldap

LDAP Support => enabled
Total Links => 0/unlimited
API Version => 3001
Vendor Name => OpenLDAP
Vendor Version => 20459
SASL Support => Enabled

Directive => Local Value => Master Value
ldap.max_links => Unlimited => Unlimited

libxml

libXML support => active
libXML Compiled Version => 2.9.12
libXML Loaded Version => 20912
libXML streams => enabled

mbstring

Multibyte Support => enabled
Multibyte string engine => libmbfl
HTTP input encoding translation => disabled
libmbfl version => 1.3.2

mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.

Multibyte (japanese) regex support => enabled
Multibyte regex (oniguruma) version => 6.9.7

Directive => Local Value => Master Value
mbstring.detect_order => no value => no value
mbstring.encoding_translation => Off => Off
mbstring.func_overload => 0 => 0
mbstring.http_input => no value => no value
mbstring.http_output => no value => no value
mbstring.http_output_conv_mimetypes => ^(text/|application/xhtml\+xml) => ^(text/|application/xhtml\+xml)
mbstring.internal_encoding => no value => no value
mbstring.language => neutral => neutral
mbstring.regex_retry_limit => 1000000 => 1000000
mbstring.regex_stack_limit => 100000 => 100000
mbstring.strict_detection => Off => Off
mbstring.substitute_character => no value => no value

mcrypt

mcrypt support => enabled
mcrypt_filter support => enabled
Version => 2.5.8
Api No => 20021217
Supported ciphers => cast-128 gost rijndael-128 twofish arcfour cast-256 loki97 rijndael-192 saferplus wake blowfish-compat des rijndael-256 serpent xtea blowfish enigma rc2 tripledes 
Supported modes => cbc cfb ctr ecb ncfb nofb ofb stream 

Directive => Local Value => Master Value
mcrypt.algorithms_dir => no value => no value
mcrypt.modes_dir => no value => no value

mysqlnd

mysqlnd => enabled
Version => mysqlnd 7.4.26
Compression => supported
core SSL => supported
extended SSL => not supported
Command buffer size => 4096
Read buffer size => 32768
Read timeout => 86400
Collecting statistics => Yes
Collecting memory statistics => No
Tracing => n/a
Loaded plugins => mysqlnd,debug_trace,auth_plugin_mysql_native_password,auth_plugin_mysql_clear_password
API Extensions =>  

openssl

OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 1.1.1l-freebsd  24 Aug 2021
OpenSSL Header Version => OpenSSL 1.1.1l-freebsd  24 Aug 2021
Openssl default config => /etc/ssl/openssl.cnf

Directive => Local Value => Master Value
openssl.cafile => no value => no value
openssl.capath => no value => no value

pcntl

pcntl support => enabled

pcre

PCRE (Perl Compatible Regular Expressions) Support => enabled
PCRE Library Version => 10.35 2020-05-09
PCRE Unicode Version => 13.0.0
PCRE JIT Support => enabled
PCRE JIT Target => x86 64bit (little endian + unaligned)

Directive => Local Value => Master Value
pcre.backtrack_limit => 1000000 => 1000000
pcre.jit => 1 => 1
pcre.recursion_limit => 100000 => 100000

PDO

PDO support => enabled
PDO drivers => sqlite

pdo_sqlite

PDO Driver for SQLite 3.x => enabled
SQLite Library => 3.35.5

pfSense

Version => 1.0

posix

POSIX support => enabled

radius

radius support => enabled
version => 1.4.0b1

readline

Readline Support => enabled
Readline library => 8.1

Directive => Local Value => Master Value
cli.pager => no value => no value
cli.prompt => \b \>  => \b \> 

Reflection

Reflection => enabled

rrd

rrd tool module => enabled
rrd tool module version => 2.0.1
rrdtool library version => 1.7.2

session

Session Support => enabled
Registered save handlers => files user 
Registered serializer handlers => php_serialize php php_binary 

Directive => Local Value => Master Value
session.auto_start => Off => Off
session.cache_expire => 180 => 180
session.cache_limiter => nocache => nocache
session.cookie_domain => no value => no value
session.cookie_httponly => 0 => 0
session.cookie_lifetime => 0 => 0
session.cookie_path => / => /
session.cookie_samesite => no value => no value
session.cookie_secure => 0 => 0
session.gc_divisor => 100 => 100
session.gc_maxlifetime => 1440 => 1440
session.gc_probability => 1 => 1
session.lazy_write => On => On
session.name => PHPSESSID => PHPSESSID
session.referer_check => no value => no value
session.save_handler => files => files
session.save_path => no value => no value
session.serialize_handler => php => php
session.sid_bits_per_character => 4 => 4
session.sid_length => 32 => 32
session.upload_progress.cleanup => On => On
session.upload_progress.enabled => On => On
session.upload_progress.freq => 1% => 1%
session.upload_progress.min_freq => 1 => 1
session.upload_progress.name => PHP_SESSION_UPLOAD_PROGRESS => PHP_SESSION_UPLOAD_PROGRESS
session.upload_progress.prefix => upload_progress_ => upload_progress_
session.use_cookies => 1 => 1
session.use_only_cookies => 1 => 1
session.use_strict_mode => 0 => 0
session.use_trans_sid => 0 => 0

shmop

shmop support => enabled

SimpleXML

SimpleXML support => enabled
Schema support => enabled

sockets

Sockets Support => enabled

SPL

SPL support => enabled
Interfaces => OuterIterator, RecursiveIterator, SeekableIterator, SplObserver, SplSubject
Classes => AppendIterator, ArrayIterator, ArrayObject, BadFunctionCallException, BadMethodCallException, CachingIterator, CallbackFilterIterator, DirectoryIterator, DomainException, EmptyIterator, FilesystemIterator, FilterIterator, GlobIterator, InfiniteIterator, InvalidArgumentException, IteratorIterator, LengthException, LimitIterator, LogicException, MultipleIterator, NoRewindIterator, OutOfBoundsException, OutOfRangeException, OverflowException, ParentIterator, RangeException, RecursiveArrayIterator, RecursiveCachingIterator, RecursiveCallbackFilterIterator, RecursiveDirectoryIterator, RecursiveFilterIterator, RecursiveIteratorIterator, RecursiveRegexIterator, RecursiveTreeIterator, RegexIterator, RuntimeException, SplDoublyLinkedList, SplFileInfo, SplFileObject, SplFixedArray, SplHeap, SplMinHeap, SplMaxHeap, SplObjectStorage, SplPriorityQueue, SplQueue, SplStack, SplTempFileObject, UnderflowException, UnexpectedValueException

sqlite3

SQLite3 support => enabled
SQLite Library => 3.35.5

Directive => Local Value => Master Value
sqlite3.defensive => 1 => 1
sqlite3.extension_dir => no value => no value

standard

Dynamic Library Support => enabled
Path to sendmail => /usr/sbin/sendmail -t -i

Directive => Local Value => Master Value
assert.active => 1 => 1
assert.bail => 0 => 0
assert.callback => no value => no value
assert.exception => 0 => 0
assert.quiet_eval => 0 => 0
assert.warning => 1 => 1
auto_detect_line_endings => 0 => 0
default_socket_timeout => 60 => 60
from => no value => no value
session.trans_sid_hosts => no value => no value
session.trans_sid_tags => a=href,area=href,frame=src,form= => a=href,area=href,frame=src,form=
unserialize_max_depth => 4096 => 4096
url_rewriter.hosts => no value => no value
url_rewriter.tags => form= => form=
user_agent => no value => no value

sysvmsg

sysvmsg support => enabled

sysvsem

sysvsem support => enabled

sysvshm

sysvshm support => enabled

tokenizer

Tokenizer Support => enabled

xml

XML Support => active
XML Namespace Support => active
libxml2 Version => 2.9.12

xmlreader

XMLReader => enabled

xmlwriter

XMLWriter => enabled

Zend OPcache

Opcode Caching => Disabled
Optimization => Disabled
SHM Cache => Enabled
File Cache => Disabled
Startup Failed => Opcode Caching is disabled for CLI

Directive => Local Value => Master Value
opcache.blacklist_filename => no value => no value
opcache.consistency_checks => 0 => 0
opcache.dups_fix => Off => Off
opcache.enable => On => On
opcache.enable_cli => Off => Off
opcache.enable_file_override => Off => Off
opcache.error_log => no value => no value
opcache.file_cache => no value => no value
opcache.file_cache_consistency_checks => On => On
opcache.file_cache_only => Off => Off
opcache.file_update_protection => 2 => 2
opcache.force_restart_timeout => 180 => 180
opcache.huge_code_pages => Off => Off
opcache.interned_strings_buffer => 8 => 8
opcache.lockfile_path => /tmp => /tmp
opcache.log_verbosity_level => 1 => 1
opcache.max_accelerated_files => 10000 => 10000
opcache.max_file_size => 0 => 0
opcache.max_wasted_percentage => 5 => 5
opcache.memory_consumption => 50 => 50
opcache.opt_debug_level => 0 => 0
opcache.optimization_level => 0x7FFEBFFF => 0x7FFEBFFF
opcache.preferred_memory_model => no value => no value
opcache.preload => no value => no value
opcache.preload_user => no value => no value
opcache.protect_memory => Off => Off
opcache.restrict_api => no value => no value
opcache.revalidate_freq => 2 => 2
opcache.revalidate_path => Off => Off
opcache.save_comments => On => On
opcache.use_cwd => On => On
opcache.validate_permission => Off => Off
opcache.validate_root => Off => Off
opcache.validate_timestamps => On => On

zlib

ZLib Support => enabled
Stream Wrapper => compress.zlib://
Stream Filter => zlib.inflate, zlib.deflate
Compiled Version => 1.2.11
Linked Version => 1.2.11

Directive => Local Value => Master Value
zlib.output_compression => Off => Off
zlib.output_compression_level => 1 => 1
zlib.output_handler => no value => no value

Additional Modules

Module Name

Environment

Variable => Value
SSH_CLIENT => 192.168.1.250 42748 22
LOGNAME => admin
MAIL => /var/mail/admin
PATH => /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin
PWD => /root
TERM => xterm-256color
SSH_TTY => /dev/pts/0
HOME => /root
USER => admin
SSH_CONNECTION => 192.168.1.250 42748 192.168.1.1 22
SHELL => /etc/rc.initial
BLOCKSIZE => K
HOSTTYPE => FreeBSD
VENDOR => amd
OSTYPE => FreeBSD
MACHTYPE => x86_64
SHLVL => 1
GROUP => wheel
HOST => pfSense.home.arpa
REMOTEHOST => 192.168.1.250
CLICOLOR => true
LSCOLORS => exfxcxdxbxegedabagacad

PHP Variables

Variable => Value
$_SERVER['SSH_CLIENT'] => 192.168.1.250 42748 22
$_SERVER['LOGNAME'] => admin
$_SERVER['MAIL'] => /var/mail/admin
$_SERVER['PATH'] => /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin
$_SERVER['PWD'] => /root
$_SERVER['TERM'] => xterm-256color
$_SERVER['SSH_TTY'] => /dev/pts/0
$_SERVER['HOME'] => /root
$_SERVER['USER'] => admin
$_SERVER['SSH_CONNECTION'] => 192.168.1.250 42748 192.168.1.1 22
$_SERVER['SHELL'] => /etc/rc.initial
$_SERVER['BLOCKSIZE'] => K
$_SERVER['HOSTTYPE'] => FreeBSD
$_SERVER['VENDOR'] => amd
$_SERVER['OSTYPE'] => FreeBSD
$_SERVER['MACHTYPE'] => x86_64
$_SERVER['SHLVL'] => 1
$_SERVER['GROUP'] => wheel
$_SERVER['HOST'] => pfSense.home.arpa
$_SERVER['REMOTEHOST'] => 192.168.1.250
$_SERVER['CLICOLOR'] => true
$_SERVER['LSCOLORS'] => exfxcxdxbxegedabagacad
$_SERVER['PHP_SELF'] => 
$_SERVER['SCRIPT_NAME'] => 
$_SERVER['SCRIPT_FILENAME'] => 
$_SERVER['PATH_TRANSLATED'] => 
$_SERVER['DOCUMENT_ROOT'] => 
$_SERVER['REQUEST_TIME_FLOAT'] => 1707320905.2722
$_SERVER['REQUEST_TIME'] => 1707320905
$_SERVER['argv'] => Array
(
)

$_SERVER['argc'] => 0

PHP License
This program is free software; you can redistribute it and/or modify
it under the terms of the PHP License as published by the PHP Group
and included in the distribution in the file:  LICENSE

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

If you did not receive a copy of the PHP license, or have any
questions about PHP licensing, please contact license@php.net.

[opoplawski]

I think there has to be something strange about your setup - which is unusual and making use of old versions of ansible and pfsense. I can't reproduce it with pfSense 2.6.0. I'd be open to some validation of the output returned, but not all valid JSON starts and ends with braces, so your proposed solution doesn't look correct to me.

[NeonixRIT]

That's fair. My initial solution breaks other modules that use the php function where the returned json doesn't start and end with {} like pfsense_interface. Perhaps a custom JSONDecoder or error handling that increments the start of stdout until line 1 column 1 (char 0) is valid, or stripping invalid characters from the start and end would be better solutions.