pridkett / unifi-doh-blocker

Looking for an easy way to block outbound DNS-over-HTTPS? This might be it
MIT License

Does this still work? #1

Closed charlestephen closed 1 week ago

charlestephen commented 2 weeks ago

I can’t get it to update groups on a UniFi Cloud Gateway Ultra for some reason. It logs in and is definitely doing the DNS lookups but seems to fail at the “Updating firewall group ‘Group Name’ with n hosts” step. The group exists but nothing is changed.

pridkett commented 2 weeks ago

Confirmed that I'm seeing the same thing. I'm going to start digging into this and see if I can figure out what is going on.

charlestephen commented 2 weeks ago

Seems this is the issue: https://community.ui.com/questions/Controller-API-on-UCG-Ultra-returns-403-forbidden-on-PUT-POST-methods/57a77a5f-350a-40b2-bd68-39d596969586?page=1

I can confirm that using Postman with the x-csrf-token set it works correctly. Not exactly sure how to fix that in the code but definitely willing to learn if it helps at all. Gonna do some reading on Go this weekend.

pridkett commented 2 weeks ago

Thanks for the pointer. That helped me to figure out the problem. I was grabbing the X-CSRF-Token on each request to the UniFi console, but there were times when the token was null. This would result in inadvertently wiping out the value of the X-CSRF-Token.

I've got a fix working locally, let me wrap it up and do some tests, but it's looking good.

charlestephen commented 2 weeks ago

Oh, good. Your fix is probably more elegant than mine. I was going to submit a pull request as I simply reauthenticated before each UnifiUpdateFirewallGroup call (this is my first time coding anything in Go), which worked and I was able to import about 7000 IPs that I’m now blocking.
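The failure mode described in this thread, reproduced against a constructed mock console, as an added example that is not the project's code or its actual fix. `csrfSession`, `keepOnEmpty`, `mockConsole`, `updateStatus` and the request paths are hypothetical names chosen for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// csrfSession is a hypothetical stand-in for the tool's console session state.
type csrfSession struct {
	token       string
	keepOnEmpty bool // false reproduces the bug, true keeps the last good token
}

// do sends one request with the stored token and records the token returned.
func (s *csrfSession) do(h http.Handler, method, path string) int {
	req := httptest.NewRequest(method, path, nil)
	if s.token != "" {
		req.Header.Set("X-CSRF-Token", s.token)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	if t := rec.Header().Get("X-CSRF-Token"); t != "" || !s.keepOnEmpty {
		s.token = t // without the guard, an empty header wipes the stored token
	}
	return rec.Code
}

// mockConsole (constructed): token issued at /login only, 403 on PUT without it.
var mockConsole = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	switch {
	case r.URL.Path == "/login":
		w.Header().Set("X-CSRF-Token", "constructed-token")
	case r.Method == http.MethodPut && r.Header.Get("X-CSRF-Token") != "constructed-token":
		w.WriteHeader(http.StatusForbidden)
	}
})

// updateStatus logs in, performs a read, then returns the status of a group update.
func updateStatus(keepOnEmpty bool) int {
	s := &csrfSession{keepOnEmpty: keepOnEmpty}
	s.do(mockConsole, http.MethodPost, "/login")
	s.do(mockConsole, http.MethodGet, "/groups")
	return s.do(mockConsole, http.MethodPut, "/groups/1")
}

func main() {
	fmt.Println("overwrite on empty:", updateStatus(false), "keep last token:", updateStatus(true))
}
```

The intermediate read is what matters: its response carries no token, so the unguarded session reaches the write with nothing to send and the update is rejected while login and lookups still appear to succeed.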