pfSense API v1.8.0

Note

This release brings basic support for pfSense Plus 24.11 and other bug fixes. While testing suggests this build is stable on pfSense Plus 24.11, it is still recommended you take a ZFS snapshot before upgrading to pfSense Plus 24.11 and installing the package. Unlike pfSense CE, compatibility between this package and pfSense Plus greatly depends on the community. If you experience any compatibility issues with this package on pfSense Plus 24.11, please open an issue.

New

• Adds support for pfSense Plus 24.11 (#610, #611)

Fixes

• Addresses an issue where the /api/v1/system/certificate endpoint's active field was being ignored.
• Fixes minor build issues on FreeBSD 15.

Full Changelog: v1.7.6...v1.8.0

pfSense REST API v2.3.0

Note

This release brings basic support for pfSense Plus 24.11, some new features and other bug fixes. While testing suggests this build is stable on pfSense Plus 24.11, it is still recommended you take a ZFS snapshot before upgrading to pfSense Plus 24.11 and installing the package. Unlike pfSense CE, compatibility between this package and pfSense Plus greatly depends on the community. If you experience any compatibility issues with this package on pfSense Plus 24.11, please open an issue.

New

• Adds support for pfSense Plus 24.11 (#610, #611)
• Adds new endpoints and model for managing LAGG interfaces (#615)
• Adds new endpoints and model for managing GRE tunnel interfaces (#156)
• Adds support for the CARP unicast mode on pfSense Plus (#424)

Fixes

• Fixes an issue that prevented the packaged from determining a user's assigned privileges on pfSense Plus 24.11 (#610, #611)
• Fixes minor build issues on FreeBSD 15
• Fixes numerous issues with invalid configuration accessors on pfSense 24.11 (#610, #611)
• Fixes an issue that caused all NetworkInterface objects to be reloaded during each DHCPServer object construction
• Fixes an issue that could result in the PHP memory limit being exceeded when Model objects were serialized (#616, #617)
• Removes the required attribute from the CertificateAuthrority's prv field (#605)
• Fixes an issue that prevented Certificates from being relinked to their CertificateAuthority during import (#605)
• Fixes an issue in the GatewayGroup model that could result in a error being raised if a gateway was assigned that is not actively in config (#603)
• Fixes an issue that prevented nested aliases from being used as address values in PUT /api/v2/firewall/aliases (#619)

New Contributors

• @war59312 made their first contribution in #613

Full Changelog: v2.2.2...v2.3.0

pfSense API v1.8.0-dev-aa40a2c

Important

This is a very early build that only contains very minimal changes to allow the package to be installed and operate at a fundamental level on pfSense Plus 24.11. There are still bugs and other issues present that need to be addressed before it can be considered stable on pfSense Plus 24.11. Testing from the community is needed!

New

• Implements basic compatibility with pfSense Plus 24.11. (#610, #611)

Full Changelog: v1.7.6...v1.8.0-dev-aa40a2c

pfSense REST API v2.3.0-dev-96ab4c0

Important

This is a very early build that only contains very minimal changes to allow the package to be installed and operate at a fundamental level on pfSense Plus 24.11. There are still bugs and other issues present that need to be addressed before it can be considered stable on pfSense Plus 24.11. Testing from the community is needed!

New

• Implements basic compatibility with pfSense Plus 24.11. (#610, #611)

Full Changelog: v2.2.2...v2.3.0-dev-96ab4c0

pfSense REST API v2.2.2

Fixes

• Reduces the minimum requirement for WireGuardPeerAllowedIP mask field from 1 to 0. #595
• Prevents a warning that would occur when pfSense-repoc is called with the package installed. #588

Changes

• Tests have been removed from full release builds of the package. #588

Full Changelog: v2.2.1...v2.2.2

pfSense REST API v2.2.1

New

• Adds the override_sensitive_fields REST API setting to allow admins to override field's sensitive property. #582
• Add auto as a choice for the IPsecPhase1 myid_type and peerid_type fields. #584

Fixes

• Increases the maximum number of queued API sync processes to 1024. fd4471a
• Sort DHCPServerStaticMappings by ipaddr #583
• Fixes an issue that prevented the package from being built on FreeBSD versions that no longer have upstream port tree support. 39d017b

Full Changelog: v2.2.0...v2.2.1

pfSense REST API v2.2.0

New Features

• Introduced a new GraphQL API at /api/v2/graphql.
• Added /api/v2/services/bind* endpoints for managing the BIND DNS server package (#276).
• Added /api/v2/system/certificate/pkcs12/export endpoint to export certificates as PKCS#12 archives (#470).
• Added /api/v2/system/certificate/renew endpoint to renew internal certificates.
• Added /api/v2/system/crl/revoked_certificate endpoint to manage revoked certificates via CRL (#166).
• Added /api/v2/system/certificate_authority/generate endpoint to create new internal Certificate Authorities (CA) (#519).
• Added /api/v2/system/certificate/generate endpoint to create new internal certificates.
• Added /api/v2/system/certificate/signing_request endpoint to create new Certificate Signing Requests (CSR) (#250).
• Added /api/v2/system/certificate/signing_request/sign endpoint to sign existing CSRs (#250).
• Added support for deleting DHCP leases via /api/v2/status/dhcp_server/leases (#130).
• Added /api/v2/status/logs/settings endpoint for reading and updating log settings.
• Added /api/v2/status/ipsec/sa endpoints to retrieve IPsec tunnel statuses (#571).
• Added /api/v2/status/ipsec/child_sa endpoint to retrieve specific IPsec child SA status (#571).
• Added new sort_by and sort_order parameters to control object sorting in config or before writing to the pfSense configuration (#565).
• Introduced a new expose_sensitive_fields setting to allow exposure of sensitive fields in API responses.

Changes

• Updated the OpenVPNServer tls field to automatically generate a TLS key if one is not provided (#570).
• OpenVPNServer tls* fields are now only available when use_tls is set to true (#570).
• Replaced the pfsense-restapi generatedocs command with pfsense-restapi buildschemas.
• Marked the OpenVPN tls field as 'sensitive,' so it will no longer appear in API responses by default.

Bug Fixes

• Fixed an issue where large REST API configurations could interfere with the API sync feature.
• Fixed a bug where the REST API's config lock timeout failed to generate the expected error.
• Fixed an issue where the WireGuardPeer presharedkey field could not be empty. #581

Full Changelog: v2.1.3...v2.2.0

pfSense REST API v2.2.0-beta-e61f74d

Please refer to the announcement and the PR for details on this pre-release.

Full Changelog: v2.2.0-dev-f38d613...v2.2.0-beta-e61f74d

pfSense REST API v2.1.3

Fixes

• Prevents GitHub API communication issues from throwing certain exceptions when refreshing the RESTAPIVersionReleasesCache #543

Changes

• Security sanitization to silence some linters by @Dervish13 in #566

New Contributors

• @Dervish13 made their first contribution in #566

Full Changelog: v2.1.2...v2.1.3

pfSense REST API v2.2.0-dev-f38d613

Please refer to the announcement for more information on this development build.