← 返回
未分类 中文

pfSense Hardening

Generates hardened pfSense firewall configurations based on specified security options.
基于指定安全选项生成强化 pfSense 防火墙配置
krishnakumarmahadevan-cmd
未分类 clawhub v1.0.0 1 版本 100000 Key: 无需
★ 0
Stars
📥 311
下载
💾 0
安装
1
版本
#latest

概述

Overview

The pfSense Hardening Tool is a security-focused API that automates the generation of hardened configurations for pfSense firewalls. Built by CISSP and CISM certified professionals, this tool enables network administrators and security engineers to quickly apply industry best practices and security hardening standards to their pfSense deployments without manual configuration.

The tool accepts a set of hardening options and generates optimized pfSense configurations tailored to your security requirements. It supports session tracking, user identification, and timestamped requests to ensure audit compliance and change management. Whether you're deploying a new pfSense instance or enhancing an existing firewall, this tool streamlines the hardening process and reduces configuration errors.

Ideal users include network security teams, DevSecOps engineers, managed security service providers (MSSPs), and organizations seeking to standardize their firewall security posture across multiple pfSense installations.

Usage

Sample Request:

{
  "hardeningOptions": {
    "firewall_rules": ["block_all_inbound", "restrict_ssh_access"],
    "ssl_tls": ["disable_sslv3", "enable_tls_1_2_minimum"],
    "logging": ["enable_firewall_logging", "enable_dhcp_logging"]
  },
  "sessionId": "sess_a7f9d3c2b1e4f6h8",
  "userId": 42,
  "timestamp": "2025-01-15T14:30:00Z"
}

Sample Response:

{
  "status": "success",
  "configurationId": "config_9x2k5m8l1p4q7r3t",
  "hardeningApplied": {
    "firewall_rules": ["block_all_inbound", "restrict_ssh_access"],
    "ssl_tls": ["disable_sslv3", "enable_tls_1_2_minimum"],
    "logging": ["enable_firewall_logging", "enable_dhcp_logging"]
  },
  "generatedConfig": {
    "version": "2.7.0",
    "firewall": {
      "rules": [
        {
          "id": 1,
          "action": "block",
          "direction": "in",
          "description": "Block all inbound traffic by default"
        }
      ]
    },
    "system": {
      "ssl_tls_version": "1.2",
      "logging_enabled": true
    }
  },
  "timestamp": "2025-01-15T14:30:15Z",
  "sessionId": "sess_a7f9d3c2b1e4f6h8"
}

Endpoints

POST /api/hardening/generate

Description: Generates a hardened pfSense configuration based on provided hardening options.

Method: POST

Path: /api/hardening/generate

Request Body:

ParameterTypeRequiredDescription
----------------------------------------
hardeningOptionsObject (string array values)RequiredA map of hardening categories to arrays of hardening rules to apply. Examples: firewall_rules, ssl_tls, logging, access_control, etc.
sessionIdStringRequiredUnique identifier for the current session, used for audit tracking and request correlation.
userIdIntegerOptionalUser ID of the administrator requesting the hardened configuration.
timestampStringRequiredISO 8601 formatted timestamp indicating when the request was generated (e.g., 2025-01-15T14:30:00Z).

Response (200 - Success):

The endpoint returns a JSON object containing:

  • status: String indicating success or failure
  • configurationId: Unique identifier for the generated configuration
  • hardeningApplied: Echo of the hardening options that were applied
  • generatedConfig: The complete hardened pfSense configuration object
  • timestamp: Server-side timestamp of the response
  • sessionId: Echo of the provided session ID for correlation

Response (422 - Validation Error):

Returns an HTTPValidationError object with a detail array containing validation errors:

FieldTypeDescription
--------------------------
detailArrayArray of validation error objects
detail[].locArrayLocation of the validation error (field path)
detail[].msgStringHuman-readable error message
detail[].typeStringError type identifier

Pricing

PlanCalls/DayCalls/MonthPrice
-------------------------------------
Free550Free
Developer20500$39/mo
Professional2005,000$99/mo
Enterprise100,0001,000,000$299/mo

About

ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

  • Kong Route: https://api.mkkpro.com/hardening/pfsense
  • API Docs: https://api.mkkpro.com:8131/docs

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-07 12:54 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

office-efficiency

PDF To PPTX

krishnakumarmahadevan-cmd
将PDF文档智能转换为可编辑的PowerPoint演示文稿,自动提取内容并优化格式。
★ 0 📥 1,405
it-ops-security

Free Ride - Unlimited free AI

shaivpidadi
管理OpenClaw的OpenRouter免费AI模型,自动按质量排名模型,配置速率限制备用方案,并更新opencla...
★ 472 📥 78,647
it-ops-security

MoltGuard - Security & Antivirus & Guardrails

thomaslwang
MoltGuard — OpenClaw 安全守卫,由 OpenGuardrails 提供。安装后可防止您和您的用户受到提示注入、数据泄露及恶意行为的侵害。
★ 116 📥 31,027