OPNSense MCP Server

toggle_firewall_rule

Enable or disable a specific firewall rule on the OPNSense MCP Server by providing the rule's UUID. Simplifies firewall management for network security.

Instructions

Toggle firewall rule enabled/disabled

Input Schema

TableJSON Schema

Name	Required	Description	Default
`uuid`	Yes	Firewall rule UUID

Implementation Reference

src/plugins/core/core-firewall/index.ts:415-444 (handler)

Handler function for the firewall_toggle_rule tool. Calls OPNsense API to toggle the rule status, applies changes, emits event, updates cache, and returns success status.

private async toggleRule(params: { uuid: string }): Promise<any> {
  try {
    const response = await this.api.post(`/api/firewall/filter/toggleRule/${params.uuid}`);

    if (response.data?.result === 'saved') {
      // Apply changes
      await this.applyChanges({});

      // Emit event
      this.emit('firewall.rule.toggled', {
        uuid: params.uuid,
        enabled: response.data.enabled,
      });

      // Invalidate cache
      this.ruleCache.delete(params.uuid);

      return {
        success: true,
        enabled: response.data.enabled === '1',
        message: 'Firewall rule toggled successfully',
      };
    }

    throw new Error('Failed to toggle firewall rule');
  } catch (error) {
    this.logger.error(`Error toggling firewall rule ${params.uuid}:`, error);
    throw error;
  }
}

src/plugins/core/core-firewall/index.ts:168-181 (registration)

Registers the 'firewall_toggle_rule' MCP tool in the plugin's getTools() method, specifying name, description, input schema (requires uuid), and binds to toggleRule handler.

  name: 'firewall_toggle_rule',
  description: 'Toggle a firewall rule enabled/disabled',
  inputSchema: {
    type: 'object',
    properties: {
      uuid: {
        type: 'string',
        description: 'Rule UUID',
      },
    },
    required: ['uuid'],
  },
  handler: this.toggleRule.bind(this),
},

src/plugins/core/core-firewall/index.ts:170-179 (schema)

Input schema for firewall_toggle_rule tool requiring a single 'uuid' string property.

inputSchema: {
  type: 'object',
  properties: {
    uuid: {
      type: 'string',
      description: 'Rule UUID',
    },
  },
  required: ['uuid'],
},

src/resources/firewall/rule.ts:404-412 (helper)

Supporting toggle method in FirewallRuleResource class that retrieves rule, flips enabled state, and updates it. Used in scripts but not directly in MCP plugin handler.

async toggle(uuid: string): Promise<boolean> {
  const rule = await this.get(uuid);
  if (!rule) {
    throw new Error(`Firewall rule ${uuid} not found`);
  }

  const newState = rule.enabled === '1' ? '0' : '1';
  return this.update(uuid, { enabled: newState });
}

Tool Definition Quality

C2.9/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden but offers minimal behavioral insight. It implies a mutation (toggle) but doesn't disclose critical details: whether this requires admin permissions, if changes are immediate or require a restart, potential side effects on network traffic, or error handling. For a security-related mutation tool, this lack of transparency is a significant gap.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence with zero waste. It's front-loaded with the core action and resource, making it immediately understandable. Every word earns its place by conveying essential information without redundancy.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a mutation tool with no annotations and no output schema, the description is incomplete. It lacks context on permissions, side effects, return values, or error conditions. Given the complexity of firewall operations and the absence of structured safety hints, more behavioral disclosure is needed to adequately guide an AI agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, with the single parameter 'uuid' clearly documented in the schema as 'Firewall rule UUID'. The description adds no additional parameter semantics beyond what the schema provides, such as format examples or where to obtain the UUID. Baseline 3 is appropriate given the schema does the heavy lifting.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('toggle') and resource ('firewall rule'), specifying it changes between enabled/disabled states. It distinguishes from siblings like 'create_firewall_rule', 'delete_firewall_rule', and 'update_firewall_rule' by focusing on state change rather than creation, deletion, or modification of rule properties.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance is provided on when to use this tool versus alternatives. It doesn't mention prerequisites (e.g., needing an existing rule UUID), when not to use it, or how it differs from similar tools like 'update_firewall_rule' which might also affect rule states. The description only states what it does, not when to apply it.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Related Tools

update_firewall_ruleC
@vespo92/OPNSenseMCP
toggle_blocklist_entryB
@vespo92/OPNSenseMCP
delete_firewall_ruleC
@vespo92/OPNSenseMCP
list_firewall_rulesC
@vespo92/OPNSenseMCP
get_firewall_ruleC
@vespo92/OPNSenseMCP
create_firewall_ruleC
@vespo92/OPNSenseMCP

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/vespo92/OPNSenseMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server