pfSense API v1.5.4

Fixes

• Fixes issue on GET /api/v1/system/certificate that unexpectedly returned the parent cert key in the data section of API responses. #357
• Fixes issue on GET /api/v1/system/ca that unexpectedly returned the parent ca key in the data section of API responses. #357
• Adds missing documentation for server_addr field on POST and PUT /api/v1/services/openvpn/client. #360

Changes

• Loosen type matching for top field on NAT rules. #352
• Bumps php-jwt dependency to v6.7.0. #356

Full Changelog: v1.5.3...v1.5.4

pfSense API v1.6.0_deved94c44

Development builds for pfSense 2.7.0-DEVELOPMENT, pfSense Plus 23.01-RELEASE and pfSense Plus 23.05-RELEASE

• Adds development build for pfSense Plus 23.05-RELEASE

pfSense API v1.5.3

Fixes

• Fixes syntax of outbound NAT mapping port ranges during creation and updates (#327, #330)

Full Changelog: v1.5.2...v1.5.3

pfSense API v1.5.2

Fixes

• Bumps php-jwt version to 6.3.2 (#305)
• Fixes issue that prevented CPU usage from being determined accurately
• Fixes issue that sometimes prevented API queries from matching correctly (#317)

Full Changelog: v1.5.1...v1.5.2

pfSense-API v1.6.0_devc01a130

Development builds for pfSense 2.7.0-DEVELOPMENT and pfSense Plus 23.01-RELEASE.

• Adds overrides/support for pfSense Plus 23.01-RELEASE
• Adds cpu_count metric to GET /api/v1/status/system

pfSense-API v1.6.0_dev04a9ad6

Development builds for pfSense 2.7.0-DEVELOPMENT and pfSense Plus 23.01-BETA.

• Fixes file overrides for pfSense Plus 23.01-BETA
• Fixes routing error that caused tests to fail prematurely.

pfSense-API v1.6.0_dev6a331a3

Development build for pfSense 2.7.0-DEVELOPMENT.

Staged Changes

• Migrates direct configuration access to new path-based configuration access introduced in pfSense 2.7.0-DEVELOPMENT.
• Updates codebase for PHP 8.1.
• Deprecates support for pfSense 2.6.0-RELEASE and earlier.
• Increases E2E testing visibility.

pfSense API v1.5.1

Fixes

• Addresses bug that prevented HA sync peers from capturing API configuration backups when persist is enabled. (#288)
• Addresses bug that prevented API configuration backups from being captured during PUT requests to /api/v1/system/api. (#288)
• Addresses bug that prevented hasync_hosts, hasync_username, and hasync_password from being set during PUT requests to /api/v1/system/api. (#290)

Changes

• API Login Protection no longer logs successful authentication attempts by default, only failed authentication attempts. (#287)

New

• Adds the log_successful_auth field to /api/v1/system/api and System > API to optionally enable logging successful API authentication attempts. (#287)

Full Changelog: v1.5.0...v1.5.1

pfSense API v1.5.0

New

• Adds /api/v1/interface/group endpoint to create, read, update and delete interfaces groups. (#242, by @dihedral)
• Allows interface groups to be specified in /api/v1/firewall/rule creations and updates. (#241, by @dihedral)
• Adds /api/v1/services/openvpn/server endpoint. (#228, by @pincher95)
• Adds /api/v1/services/openvpn/client endpoint. (#262, by @pincher95)
• Adds /api/v1/status/ipsec endpoint to fetch IPsec tunnel status and metrics. (#245)
• Adds /api/v1/services/ipsec/phase1 to manage IPsec phase 1 entries. (#245)
• Adds /api/v1/services/ipsec/phase1/encryption to add supported encryption settings to existing IPsec phase 1 entries. (#245)
• Adds /api/v1/services/ipsec/phase2 to manage IPsec phase 2 entries. (#245)
• Adds /api/v1/services/ipsec/apply to apply pending IPsec changes. (#245)
• Adds /api/v1/status/log/settings endpoint to configure logging.
• Adds the tcpflags_any, tcpflags1, tcpflags2, statetype, and quick fields to /api/v1/firewall/rule. (#270)
• Adds the ability for multiple interfaces on floating rules via /api/v1/firewall/rule. (#260)
• Adds /api/v1/firewall/alias/advanced endpoint to configure advanced alias settings. (#204)
• Adds the /api/v1/services/service_watchdog endpoint to read and update Service Watchdog configurations. (#273)
• Adds the installed, installed_version and update_available fields to /api/v1/system/package to show whether a package is currently installed, the version installed currently, and whether updates are available.
• Adds the /api/v1/system/version/upgrade endpoint to check for available pfSense upgrades.
• Allows clients to generate API tokens via /api/v1/access_token when auth_mode is set to token. (#281)
• Integrates pfSense Login Protection into API authentication to help prevent brute-force attacks. Note: Login Protection is now enabled by default for all new installations of pfSense API. If you are upgrading or restoring from a previous installation of pfSense API, you will need to explicitly enable this setting.

Fixes

• Fixes bug in /api/v1/access_token that allowed a JWT to be obtained before the JWT server key had been created.

Changes

• Migrates to composer for dependency management and utilizes dependabot for both composer (PHP) and pip dependencies.
• Refactors /api/v1/system/package endpoint to use built-in pfSense functions instead of manually parsing pkg output.

New Contributors

• @dihedral made their first contribution in #242

Full Changelog: v1.4.3...v1.5.0

pfSense API v1.4.3

New

• Adds support for pfSense 22.05-RELEASE (AMD64).
• Adds async property to /api/v1/interface/apply to apply pending interface changes in the background. (#254)
• Adds support for GET requests to /api/v1/interface/apply to read the interface apply status. (#254)
• Adds async property to /api/v1/services/unbound/apply to apply pending DNS Resolver (Unbound) changes in the background. (#255)
• Adds support for GET requests to /api/v1/services/unbound/apply to read the DNS Resolver (Unbound) apply status. (#255)
• Adds /api/v1/services/wol/send endpoint to send a Wake-on-LAN packet. By @wuarmin. (#237)

Fixes

• Addresses issue that incorrectly allowed a port range to be specified in the local-port property of /api/v1/firewall/nat/port_forward. (#253)
• Addresses typo in documentation that incorrectly listed the /api/v1/services/openvpn/csc endpoint as /api/v1/openvpn/csc (#251)
• Addresses typo in documentation for /api/v1/system/api that wrongfully displayed the allowed_interfaces property as available_interfaces. By @robindbe. (#247, #246)

Removes

• File overrides for pfSense 2.4 as support has been deprecated since pfSense API v1.3.0.

Full Changelog: v1.4.2...v1.4.3