NAME

WebService::OPNsense::Firewall::Npt - Firewall NPT (network prefix translation) rule controller

VERSION

version 0.003

SYNOPSIS

use WebService::OPNsense::Constants qw( $AF_INET6 $OPN_ENABLED );

my $npt = $opn->firewall_npt;

# List NPT rules
my $rules = $npt->search_rule;

# Create an NPT rule
$npt->add_rule({
    rule => {
        description       => 'Translate IPv6 prefix',
        protocol          => 'any',
        external_net      => '2001:db8:1::/48',
        internal_net      => 'fd00:1::/48',
        address_family    => $AF_INET6,
        enabled           => $OPN_ENABLED,
    },
});

DESCRIPTION

Manages network prefix translation rules on the OPNsense firewall. All methods are provided by WebService::OPNsense::Firewall::Role::NAT.

CONSTANTS

Address family and protocol constants are available from WebService::OPNsense::Constants:

$AF_INET6
$AF_INET
$PROTO_TCP
$PROTO_UDP
$PROTO_ANY

Use them when setting the address_family or protocol fields.

SEE ALSO

WebService::OPNsense::Firewall::Role::NAT

PROVIDED METHODS

The following methods are inherited from consumed roles.

search_rule

my $results = $ctrl->search_rule( %params );

Searches for NPT rules.

get_rule

my $rule = $ctrl->get_rule( $uuid );

Returns a single rule by UUID. Throws if $uuid is not a valid UUID.

add_rule

my $result = $ctrl->add_rule( $rule_data );

Creates rule.

set_rule

my $result = $ctrl->set_rule( $uuid, $rule_data );

Updates rule. Throws if $uuid is not a valid UUID.

del_rule

my $result = $ctrl->del_rule( $uuid );

Deletes a rule by UUID. Throws if $uuid is not a valid UUID.

toggle_rule

my $result = $ctrl->toggle_rule( $uuid, $enabled );

Enables or disables a rule. Throws if $uuid is not a valid UUID.

toggle_rule_log

my $result = $ctrl->toggle_rule_log( $uuid, $log );

Toggles the log flag for a rule. Throws if $uuid is not a valid UUID.

apply

my $result = $ctrl->apply;
my $result = $ctrl->apply( $rollback_revision );

Applies pending changes.

savepoint

my $result = $ctrl->savepoint;

Creates a configuration savepoint for rollback.

cancel_rollback

my $result = $ctrl->cancel_rollback( $revision );

Cancels a pending rollback.

move_rule_before

my $result = $ctrl->move_rule_before( $selected_uuid, $target_uuid );

Moves a rule before another rule. Throws if either UUID is invalid.

revert

my $result = $ctrl->revert( $revision );

Reverts to a previous configuration revision.

get

my $config = $ctrl->get;

Returns the full configuration.

set_settings

my $result = $ctrl->set_settings( $settings );

Updates the configuration.

list_categories

my $categories = $ctrl->list_categories;

Returns a list of available rule categories.

list_network_select_options

my $options = $ctrl->list_network_select_options;

Returns selectable network options for rule creation.

list_port_select_options

my $options = $ctrl->list_port_select_options;

Returns selectable port options for rule creation.

client

my $http_client = $ctrl->client;

Returns the underlying HTTP client object used for API requests.

AUTHOR

Dean Hamstead <dean@fragfest.com.au>

COPYRIGHT AND LICENSE

This software is Copyright (c) 2026 by Dean Hamstead.

This is free software, licensed under:

The MIT (X11) License