Configuration of the firewall during the snap installation

Hello,

What is the preferred way to customize the firewall configuration of the firewall snap during a third-party snap installation?

I have not found a REST API for the installed firewall app in the API references.

Do I need to manually customize the nftables.conf file in the app data?

Thanks

Best reply by TheCodeCaptain

Hi WofgangDannert,

We are looking for a description. It should be in the description, but it seems there is a bug.

Editing the file is allowed, but as it is not the way we suggest, there is no description.

In the meantime you can look into reverse engineering by pressing F12 in your browser while creating your rules in the WebUI.

Some first commands look like this:

GET Tables

GET https://{{Host}}/firewall/api/v2/families/ip/tables

GET Chains

GET https://{{Host}}/firewall/api/v2/families/ip/tables

GET Rule

https://{{Host}}/firewall/api/v2/families/ip/tables/{{firewalltableid}}/chains/{{firewallchainid}}/rules

POST Create Chain

https://{{Host}}/firewall/api/v2/families/ip/tables/{{firewalltableid}}/chains

Body
{
  "hook": "prerouting",
  "name": "MyNetmap",
  "tableId": "awvLHaxkYan9LqsYiYcuvk",
  "id": "id",
  "family": "ip",
  "priority": 200,
  "type": "nat",
  "policy": "accept"
}

POST Create Rule

https://{{Host}}/firewall/api/v2/families/ip/tables/{{firewalltableid}}/chains/{{firewallchainid}}/rules

Body
{
  "chainId": "{{firewallchainid}}",
  "name": "MapIPaddress{{ipoctet}}",
  "tableId": "{{firewalltableid}}",
  "action": "",
  "comment": "MapIPaddressRangebyDNAT",
  "handle": 0,
  "id": "",
  "family": "ip",
  "expressions": [
    {
      "left": {
        "field": "daddr",
        "protocol": "ip",
        "type": "payload"
      },
      "operation": "==",
      "right": "192.168.5.{{ipoctet}}",
      "type": "match"
    },
    {
      "addr": "192.168.2.{{ipoctet}}",
      "type": "dnat"
    }
  ]
}

3 replies
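
Added example, not part of the original posts or the vendor's code: a Python sketch that expands the "Create Rule" body from the reply over a range of `{{ipoctet}}` values and builds the POST requests without sending them, so the rule set can be reviewed before it is applied during installation. The host name, the table and chain IDs, and the optional `headers` argument (for whatever authentication the device requires) are assumptions.

```python
import ipaddress
import json
import urllib.request

API = "https://{host}/firewall/api/v2/families/ip/tables"


def rule_body(table_id, chain_id, octet,
              src_net="192.168.5.0/24", dst_net="192.168.2.0/24"):
    """Build the 'Create Rule' body from the reply for one host octet."""
    if not 1 <= octet <= 254:
        raise ValueError(f"octet {octet} is not a usable host address in a /24")
    src = ipaddress.ip_network(src_net).network_address + octet
    dst = ipaddress.ip_network(dst_net).network_address + octet
    return {
        "chainId": chain_id, "name": f"MapIPaddress{octet}", "tableId": table_id,
        "action": "", "comment": "MapIPaddressRangebyDNAT", "handle": 0, "id": "",
        "family": "ip",
        "expressions": [
            {"left": {"field": "daddr", "protocol": "ip", "type": "payload"},
             "operation": "==", "right": str(src), "type": "match"},
            {"addr": str(dst), "type": "dnat"},
        ],
    }


def rule_requests(host, table_id, chain_id, octets, headers=None):
    """Return unsent POST requests, one per octet, for the rules endpoint."""
    url = f"{API.format(host=host)}/{table_id}/chains/{chain_id}/rules"
    reqs = []
    for octet in octets:
        data = json.dumps(rule_body(table_id, chain_id, octet)).encode()
        hdrs = {"Content-Type": "application/json", **(headers or {})}
        reqs.append(urllib.request.Request(url, data=data, headers=hdrs,
                                           method="POST"))
    return reqs


if __name__ == "__main__":
    # Constructed sample values; real IDs come from the GET responses above.
    for req in rule_requests("device.example", "TABLE_ID", "CHAIN_ID",
                             range(10, 13)):
        print(req.get_method(), req.full_url)
        print(json.loads(req.data)["expressions"])
        # urllib.request.urlopen(req) would send it (assumed: auth via headers).
```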