OPNSense MCP Server

Instructions

Implementation Reference

• src/plugins/core/core-firewall/index.ts:134-151 (registration)

  Registration of the 'firewall_update_rule' MCP tool, including name, description, input schema requiring uuid and rule object, and handler binding
  name: 'firewall_update_rule', description: 'Update an existing firewall rule', inputSchema: { type: 'object', properties: { uuid: { type: 'string', description: 'Rule UUID', }, rule: { type: 'object', description: 'Rule properties to update', }, }, required: ['uuid', 'rule'], }, handler: this.updateRule.bind(this), },
• src/plugins/core/core-firewall/index.ts:347-378 (handler)

  Handler function that updates a firewall rule via OPNsense API endpoint `/api/firewall/filter/setRule/{uuid}`, applies changes, emits 'firewall.rule.updated' event, invalidates rule cache, and returns success response or throws error.
  private async updateRule(params: { uuid: string; rule: any }): Promise<any> { try { const response = await this.api.post( `/api/firewall/filter/setRule/${params.uuid}`, { rule: params.rule } ); if (response.data?.result === 'saved') { // Apply changes await this.applyChanges({}); // Emit event this.emit('firewall.rule.updated', { uuid: params.uuid, changes: params.rule, }); // Invalidate cache this.ruleCache.delete(params.uuid); return { success: true, message: 'Firewall rule updated successfully', }; } throw new Error('Failed to update firewall rule'); } catch (error) { this.logger.error(`Error updating firewall rule ${params.uuid}:`, error); throw error; } }