--- - name: Log in to OPNsense and obtain PHPSESSID and CSRF token hosts: localhost gather_facts: no vars: api_username: "your_username" api_password: "your_password" tasks: - name: Perform GET request to initiate session and retrieve PHPSESSID uri: url: "https://192.168.1.1/" method: GET user: "{{ WEBUI_USERNAME }}" password: "{{ WEBUI_PASSWORD }}" headers: Accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' validate_certs: no return_content: yes register: login_page - name: Extract PHPSESSID from response cookies set_fact: phpsessid: "{{ login_page.cookies.PHPSESSID }}" - name: Extract CSRF token name and value from the page content set_fact: csrf_tokens: "{{ login_page.content | regex_findall(']*type=\"hidden\"[^>]*name=\"([^\"]+)\"[^>]*value=\"([^\"]+)\"') }}" - name: Set CSRF token name and value set_fact: csrf_token_name: "{{ csrf_tokens[0][0] if csrf_tokens | length > 0 else 'Not found' }}" csrf_token_value: "{{ csrf_tokens[0][1] if csrf_tokens | length > 0 else 'Not found' }}" - name: Display the PHPSESSID and CSRF token details debug: msg: "PHPSESSID is {{ phpsessid }}, CSRF token name is {{ csrf_token_name }}, CSRF token value is {{ csrf_token_value }}" - name: Construct body set_fact: request_body: | {{ csrf_token_name}}={{ csrf_token_value }}&range_from=192.168.1.10&range_to=192.168.1.245&wins1=&wins2=&dns1=&dns2=&gateway=&domain=&domainsearchlist=&defaultleasetime=&maxleasetime=&minsecs=&interface_mtu=&failover_peerip=&failover_split=&ddnsdomain=&ddnsdomainprimary=&ddnsdomainkeyname=&ddnsdomainkey=&ddnsdomainalgorithm=hmac-md5&mac_allow=&mac_deny=&ntp1=&ntp2=&tftp=&bootfilename=&ldap=&nextserver=192.168.1.1&filename=&filename32=&filename64=bootx64.efi&filename32arm=&filename64arm=&filenameipxe=&rootpath=&omapiport=&omapialgorithm=&omapikey=&numberoptions_number%5B%5D=&numberoptions_type%5B%5D=text&numberoptions_value%5B%5D=&if=lan&submit=Save' - name: Post data to services_dhcp.php uri: url: "https://192.168.1.1/services_dhcp.php?if=lan" method: POST headers: Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" Accept-Language: "en,fr;q=0.9,en-GB;q=0.8,en-US;q=0.7" Cache-Control: "no-cache" Content-Type: "application/x-www-form-urlencoded" Cookie: "PHPSESSID={{ phpsessid }}" Origin: "https://192.168.1.1" Pragma: "no-cache" Priority: "u=0, i" Referer: "https://192.168.1.1/services_dhcp.php?if=lan" Sec-Ch-Ua: '"Google Chrome";v="125", "Chromium";v="125", "Not.A/Brand";v="24"' Sec-Ch-Ua-Mobile: "?0" Sec-Ch-Ua-Platform: '"Linux"' Sec-Fetch-Dest: "document" Sec-Fetch-Mode: "navigate" Sec-Fetch-Site: "same-origin" Sec-Fetch-User: "?1" Upgrade-Insecure-Requests: "1" User-Agent: "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" body: | {{ csrf_token_name }}={{ csrf_token_value }}&range_from=192.168.1.10&range_to=192.168.1.245&wins1=&wins2=&dns1=&dns2=&gateway=&domain=&domainsearchlist=&defaultleasetime=&maxleasetime=&minsecs=&interface_mtu=&failover_peerip=&failover_split=&ddnsdomain=&ddnsdomainprimary=&ddnsdomainkeyname=&ddnsdomainkey=&ddnsdomainalgorithm=hmac-md5&mac_allow=&mac_deny=&ntp1=&ntp2=&tftp=&bootfilename=&ldap=&nextserver=192.168.1.1&filename=&filename32=&filename64=bootx64.efi&filename32arm=&filename64arm=&filenameipxe=&rootpath=&omapiport=&omapialgorithm=&omapikey=&numberoptions_number%5B%5D=&numberoptions_type%5B%5D=text&numberoptions_value%5B%5D=&if=lan&submit=Save body_format: raw validate_certs: no register: response # - name: Send POST request to update DHCP settings # uri: # url: "https://192.168.1.1/services_dhcp.php?if=lan" # method: POST # headers: # Accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' # Content-Type: 'application/x-www-form-urlencoded' # Cookie: "PHPSESSID={{ phpsessid }}" # Origin: "https://192.168.1.1" # Referer: "https://192.168.1.1/services_dhcp.php?if=lan" # X-CSRFToken: "{{ csrf_token_value }}" # body_format: form-urlencoded # body: "{{ request_body }}" # validate_certs: no # return_content: yes # register: response - name: Display the response from the DHCP update request debug: #msg: "{{ response.content }}" msg: "{{ response }}" # request_body: | # {{ csrf_token_name }}={{ csrf_token_value }}&range_from=192.168.1.10&range_to=192.168.1.245&wins1=&wins2=&dns1=&dns2=&gateway=&domain=&domainsearchlist=&defaultleasetime=&maxleasetime=&minsecs=&interface_mtu=&failover_peerip=&failover_split=&ddnsdomain=&ddnsdomainprimary=&ddnsdomainkeyname=&ddnsdomainkey=&ddnsdomainalgorithm=hmac-md5&mac_allow=&mac_deny=&ntp1=&ntp2=&tftp=&bootfilename=&ldap=&nextserver=192.168.1.1&filename=&filename32=&filename64=bootx64.efi&filename32arm=&filename64arm=&filenameipxe=&rootpath=&omapiport=&omapialgorithm=&omapikey=&numberoptions_number%5B%5D=&numberoptions_type%5B%5D=text&numberoptions_value%5B%5D=&if=lan&submit=Save