mcp-opnsense

opnsense_diag_log_gateways

Retrieve OPNsense gateway monitoring log entries to debug WAN and gateway health issues. Specify the number of log entries to return.

Instructions

Retrieve recent OPNsense gateway monitoring (dpinger) log entries — useful for WAN/gateway health debugging.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`limit`	No	Number of log entries (1-5000, default 500)

Implementation Reference

src/tools/diagnostics.ts:415-419 (handler)

Handler for opnsense_diag_log_gateways: parses args with LogQuerySchema, calls fetchLogWithFallback with category 'gateways', and returns the result as JSON.

case "opnsense_diag_log_gateways": {
  const parsed = LogQuerySchema.parse(args);
  const result = await fetchLogWithFallback(client, "gateways", parsed.limit);
  return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
}

src/tools/diagnostics.ts:33-35 (schema)
LogQuerySchema used for input validation: optional 'limit' (coerced number, 1-5000, default 500).
```
const LogQuerySchema = z.object({
  limit: z.coerce.number().int().min(1).max(5000).optional().default(500),
});
```

src/tools/diagnostics.ts:154-163 (registration)

Tool definition registration in diagnosticsToolDefinitions array, with name, description, and inputSchema for ListTools response.

{
  name: "opnsense_diag_log_gateways",
  description: "Retrieve recent OPNsense gateway monitoring (dpinger) log entries — useful for WAN/gateway health debugging.",
  inputSchema: {
    type: "object" as const,
    properties: {
      limit: { type: "number", description: "Number of log entries (1-5000, default 500)" },
    },
  },
},

src/tools/diagnostics.ts:207-251 (helper)

fetchLogWithFallback helper: tries multiple API endpoint variants (GET /diagnostics/log/gateways, POST /diagnostics/log/gateways/search, GET /diagnostics/log/core/gateways) with fallback logic to retrieve gateway log entries.

async function fetchLogWithFallback(
  client: OPNsenseClient,
  category: string,
  limit: number,
): Promise<unknown> {
  type Variant = { method: "get" | "post"; path: string; body?: unknown };
  const variants: Variant[] = [
    { method: "get", path: `/diagnostics/log/${category}?limit=${limit}` },
    {
      method: "post",
      path: `/diagnostics/log/${category}/search`,
      body: { current: 1, rowCount: limit, sort: {}, searchPhrase: "" },
    },
    { method: "get", path: `/diagnostics/log/core/${category}?limit=${limit}` },
  ];

  let lastResult: unknown = null;
  let lastError: unknown = null;

  for (const variant of variants) {
    try {
      const result =
        variant.method === "get"
          ? await client.get<unknown>(variant.path)
          : await client.post<unknown>(variant.path, variant.body);

      // A non-empty payload wins. Treat the result as non-empty if:
      //   - array with length > 0
      //   - object with rows[].length > 0
      //   - object with any other non-empty data field
      if (isNonEmptyLogPayload(result)) {
        return result;
      }
      lastResult = result;
    } catch (error) {
      lastError = error;
      // Endpoint not present (404) → keep trying. Other errors propagate
      // only if every variant fails.
    }
  }

  if (lastResult !== null) return lastResult;
  if (lastError) throw lastError;
  return [];
}

src/index.ts:61-61 (registration)
Registers handleDiagnosticsTool as the handler for all diagnostics tools (including opnsense_diag_log_gateways) in the toolHandlers map.
```
for (const def of diagnosticsToolDefinitions) toolHandlers.set(def.name, handleDiagnosticsTool);
```

Tool Definition Quality

A3.6/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations provided, so description carries full burden. Only mentions 'recent' entries but lacks details on safety (read-only), side effects, or rate limits. Minimal behavioral disclosure.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Focused single sentence with no extraneous words. Front-loaded with the key action and resource.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Adequate for a simple log retrieval tool with one parameter. Could hint at output format but not critical given the tool's straightforward nature.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% for the single parameter 'limit', with a clear description in the schema. Description does not add additional meaning beyond what the schema already provides.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Description clearly states the action ('Retrieve'), resource ('gateway monitoring log entries'), and purpose ('WAN/gateway health debugging'). It distinguishes from sibling log tools like opnsense_diag_log_resolver by specifying the gateway/dpinger source.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Implied usage for gateway health debugging but no explicit guidance on when to use this versus other diagnostic tools or when not to use it.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/itunified-io/mcp-opnsense'

If you have feedback or need assistance with the MCP directory API, please join our Discord server