Submit
gensecaihq

pfSense MCP Server

Community gensecaihq
Updated

pfSense MCP Server enables security administrators to manage their pfSense firewalls using natural language through AI assistants like Claude Desktop. Simply ask "Show me blocked IPs" or "Run a PCI compliance check" instead of navigating complex interfaces. Features 5-level RBAC, supports REST/XML-RPC/SSH connections, and includes built-in complian

pfSense MCP Server

A production-grade Model Context Protocol (MCP) server that enables natural language interaction with pfSense firewalls through Claude Desktop and other GenAI applications.

VersionLicenseMCP

๐Ÿš€ Features

  • Natural Language Interface: Control pfSense using plain English
  • 5 Access Levels: From read-only monitoring to emergency response
  • Multiple Connection Methods: REST API, XML-RPC, and SSH
  • 6 Functional Categories: Complete security operations coverage
  • GenAI Integration: Works with Claude Desktop, Continue, and other MCP clients
  • Production Ready: Audit logging, rate limiting, caching

๐Ÿ“‹ Quick Start

1. Install and Configure

# Clone the repository
git clone https://github.com/gensecaihq/pfsense-mcp-server.git
cd pfsense-mcp-server

# Copy environment template
cp .env.example .env

# Edit configuration
nano .env  # Add your pfSense details

2. Run with Docker

# Build and start
docker-compose up -d

# Check health
curl http://localhost:8000/health

3. Configure Claude Desktop

Add to your Claude Desktop configuration (~/Library/Application Support/Claude/claude_desktop_config.json on macOS):

{
  "mcpServers": {
    "pfsense": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "--env-file", "/path/to/.env", "pfsense-mcp:latest"],
      "env": {
        "MCP_MODE": "stdio"
      }
    }
  }
}

Or run locally:

{
  "mcpServers": {
    "pfsense": {
      "command": "python",
      "args": ["/path/to/pfsense-mcp-server/main.py"],
      "env": {
        "PFSENSE_URL": "https://your-pfsense.local",
        "PFSENSE_API_KEY": "your-api-key"
      }
    }
  }
}

๐Ÿ” Access Levels

Level Description Example Users
READ_ONLY Monitor and view Security Analysts
SECURITY_WRITE Modify security rules Security Engineers
ADMIN_WRITE Full system access Administrators
COMPLIANCE_READ Audit and compliance Compliance Officers
EMERGENCY_WRITE Emergency response Incident Responders

๐Ÿ’ฌ Example Prompts

"Show me the system status"
"What IPs are currently blocked?"
"Block IP 192.168.1.100"
"Run a PCI compliance check"
"Analyze threats from the last hour"
"EMERGENCY: Block all traffic from Russia"

๐Ÿ“š Documentation

  • Claude Desktop Setup
  • GenAI Integration Guide
  • API Documentation
  • Deployment Guide
  • Permissions Guide

๐Ÿงช Testing

# Test connection
python scripts/test_connection.py

# Run tests
pytest tests/

# Generate token
python scripts/generate_token.py alice READ_ONLY

๐Ÿ“ License

MIT License - see LICENSE

MCP Server ยท Populars

MCP Server ยท New

    browser-use

    Enable AI to control your browser ๐Ÿค–

    ๐ŸŒ Make websites accessible for AI agents. Automate tasks online with ease.

    Community browser-use
    superglue-ai

    superglue

    superglue integrates & orchestrates APIs from natural language. Agents use it to build deterministic workflows across apps, APIs and databases. Humans use it to generate insights, build automations and manage data.

    Community superglue-ai
    superglue-ai

    docs

    superglue integrates & orchestrates APIs from natural language. Agents use it to build deterministic workflows across apps, APIs and databases. Humans use it to generate insights, build automations and manage data.

    Community superglue-ai
    KemingHe

    Python Dependency Manager Companion MCP Server

    Self-updating MCP server to cross-reference latest official pip, poetry, uv, and conda docs

    Community KemingHe
    apache

    ECharts MCP

    Apache ECharts MCP Server

    Community apache