sync: auto-sync from HOWARD-HOME at 2026-06-16 14:11:33

Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-06-16 14:11:33
2026-06-16 14:11:42 -07:00
parent e3bb7d3f95
commit 7e2f49020a


@@ -612,3 +612,27 @@ is unchanged from earlier in this log.
+ `easyrule`-equivalent. + `easyrule`-equivalent.
3. Live validation pending a reachable pfSense (stable site VPN; mind the home-LAN .0.x shadow that 3. Live validation pending a reachable pfSense (stable site VPN; mind the home-LAN .0.x shadow that
currently masks Cascades pfSense from Howard-Home). Coordinate the build with Mike (his §E). currently masks Cascades pfSense from Howard-Home). Coordinate the build with Mike (his §E).
## Update: 14:30 PT (2026-06-16) — pfSense compat layer built, then put ON HOLD (pfSense too old)
Built the pfSense gateway compatibility layer per Howard's decision (REST API package backend, dispatch
INSIDE the existing gateway verbs — Mike's §E lean):
- NEW `scripts/pfsense-backend.sh` — pfSense REST API driver (`pfSense-pkg-RESTAPI` v2, `X-API-Key`),
same verbs as gw-control (audit, pf-list/disable/enable/delete/set-ports, fw-list/disable/enable,
block-ips) + a `setup` helper. Writes `--apply`-gated, per-object rollback to `.claude/tmp/`, calls
`firewall/apply`.
- `gw-audit.sh` + `gw-control.sh` auto-dispatch to it when `num_gw=0` AND a `clients/<slug>/pfsense-api`
cred is vaulted (or `--pfsense <slug>`). Minimal diff to Mike's files (he edits them concurrently).
- SKILL.md `[PROPOSED]`->`[SCAFFOLDED]`; ROADMAP §E open decisions marked resolved. Committed `1118594`,
lock released, Mike notified (msg `f0c442cf`).
- Tested: syntax + setup/BLOCKED/no-cred paths + live `gw-audit cascades` (num_gw=0 -> pfSense hint,
gating correct). NOT live-tested: the actual REST calls.
**BLOCKER / ON HOLD (Howard):** the RESTAPI package is third-party and the **Cascades pfSense is too old
to install it** — it needs a **firmware upgrade first**. Live work is ON HOLD until the pfSense is upgraded.
Tried to vault the API key but none exists yet (package not installed); pfSense host = `192.168.0.1`
(web cred already at `clients/cascades-tucson/pfsense-firewall`). Also note `192.168.0.1` is shadowed from
Howard-Home by the home UniFi `.0.0/24` overlap, so first live validation must run from/through Cascades.
Filed coord todo (project unifi-wifi): upgrade Cascades pfSense -> install RESTAPI -> mint key -> vault
`clients/cascades-tucson/pfsense-api` -> first live `gw-audit cascades`. Resume trigger + steps in ROADMAP §E.
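Review bot: in the first bullet of the new entry, `pfsense-backend.sh` is said to write per-object rollback to `.claude/tmp/`, but the entry does not say whether that directory is excluded from the auto-sync that produced this commit. Please state that it is ignored (or where the snapshots go instead), since per-object rollback for the pf-*/fw-* verbs would capture rule contents. The heading reads "Update: 14:30 PT" while the commit is stamped 14:11:33 -07:00, so the entry time is ahead of the sync that recorded it; correct it or mark it as approximate. The "NOT live-tested: the actual REST calls" caveat sits at the end of the Tested bullet while SKILL.md moves to `[SCAFFOLDED]` and the ROADMAP §E decisions to resolved; repeating the caveat next to that status change would keep a reader from taking the write verbs as validated.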