# OPNsense Device Control Configuration for Home Assistant # This provides device discovery, user assignment, and internet blocking capabilities # Input Selects for User Assignment input_select: # Bella's Devices (Age 14) device_user_bella_phone: name: "Bella's Phone Owner" options: - "Bella" - "Xander" - "William" - "Parent" - "Guest" - "Unassigned" initial: "Bella" icon: mdi:cellphone device_user_bella_tablet: name: "Bella's Tablet Owner" options: - "Bella" - "Xander" - "William" - "Parent" - "Guest" - "Unassigned" initial: "Bella" icon: mdi:tablet # Xander's Devices (Age 15) device_user_xander_phone: name: "Xander's Phone Owner" options: - "Bella" - "Xander" - "William" - "Parent" - "Guest" - "Unassigned" initial: "Xander" icon: mdi:cellphone device_user_xander_desktop: name: "Xander's Desktop Owner" options: - "Bella" - "Xander" - "William" - "Parent" - "Guest" - "Unassigned" initial: "Xander" icon: mdi:desktop-tower # William's Devices (Age 17) device_user_william_phone: name: "William's Phone Owner" options: - "Bella" - "Xander" - "William" - "Parent" - "Guest" - "Unassigned" initial: "William" icon: mdi:cellphone device_user_william_laptop: name: "William's Laptop Owner" options: - "Bella" - "Xander" - "William" - "Parent" - "Guest" - "Unassigned" initial: "William" icon: mdi:laptop # Input Booleans for Internet Blocking input_boolean: # Master Controls parental_controls_enabled: name: "Parental Controls Enabled" icon: mdi:shield-account # Bella's Device Blocks block_bella_phone: name: "Block Bella's Phone" icon: mdi:cellphone-off block_bella_tablet: name: "Block Bella's Tablet" icon: mdi:tablet-off # Xander's Device Blocks block_xander_phone: name: "Block Xander's Phone" icon: mdi:cellphone-off block_xander_desktop: name: "Block Xander's Desktop" icon: mdi:desktop-tower-off # William's Device Blocks block_william_phone: name: "Block William's Phone" icon: mdi:cellphone-off block_william_laptop: name: "Block William's Laptop" icon: mdi:laptop-off # User-wide blocks (blocks ALL devices for a user) block_all_bella_devices: name: "Block All Bella's Devices" icon: mdi:account-off block_all_xander_devices: name: "Block All Xander's Devices" icon: mdi:account-off block_all_william_devices: name: "Block All William's Devices" icon: mdi:account-off # Input Text for Device MAC Addresses input_text: # Bella's Device MACs mac_bella_phone: name: "Bella's Phone MAC" initial: "" icon: mdi:cellphone mac_bella_phone_wifi: name: "Bella's Phone WiFi MAC" initial: "" icon: mdi:wifi mac_bella_tablet: name: "Bella's Tablet MAC" initial: "" icon: mdi:tablet mac_bella_tablet_wifi: name: "Bella's Tablet WiFi MAC" initial: "" icon: mdi:wifi # Xander's Device MACs mac_xander_phone: name: "Xander's Phone MAC" initial: "" icon: mdi:cellphone mac_xander_phone_wifi: name: "Xander's Phone WiFi MAC" initial: "" icon: mdi:wifi mac_xander_desktop: name: "Xander's Desktop MAC (Wired)" initial: "" icon: mdi:desktop-tower mac_xander_desktop_wifi: name: "Xander's Desktop MAC (WiFi)" initial: "" icon: mdi:wifi # William's Device MACs mac_william_phone: name: "William's Phone MAC" initial: "" icon: mdi:cellphone mac_william_phone_wifi: name: "William's Phone WiFi MAC" initial: "" icon: mdi:wifi mac_william_laptop: name: "William's Laptop MAC (Wired)" initial: "" icon: mdi:laptop mac_william_laptop_wifi: name: "William's Laptop MAC (WiFi)" initial: "" icon: mdi:wifi # Sensors for Device Status sensor: - platform: template sensors: bella_devices_blocked_count: friendly_name: "Bella Blocked Devices" value_template: > {% set count = 0 %} {% if is_state('input_boolean.block_bella_phone', 'on') %} {% set count = count + 1 %} {% endif %} {% if is_state('input_boolean.block_bella_tablet', 'on') %} {% set count = count + 1 %} {% endif %} {{ count }} icon_template: mdi:counter xander_devices_blocked_count: friendly_name: "Xander Blocked Devices" value_template: > {% set count = 0 %} {% if is_state('input_boolean.block_xander_phone', 'on') %} {% set count = count + 1 %} {% endif %} {% if is_state('input_boolean.block_xander_desktop', 'on') %} {% set count = count + 1 %} {% endif %} {{ count }} icon_template: mdi:counter william_devices_blocked_count: friendly_name: "William Blocked Devices" value_template: > {% set count = 0 %} {% if is_state('input_boolean.block_william_phone', 'on') %} {% set count = count + 1 %} {% endif %} {% if is_state('input_boolean.block_william_laptop', 'on') %} {% set count = count + 1 %} {% endif %} {{ count }} icon_template: mdi:counter # REST Commands for OPNsense API rest_command: # Create/Update Firewall Alias for Blocked MACs opnsense_update_blocked_alias: url: "https://10.0.0.254/api/firewall/alias/setItem/{{ alias_uuid }}" method: POST headers: Content-Type: application/json payload: > { "alias": { "enabled": "1", "name": "{{ alias_name }}", "type": "mac", "content": "{{ mac_addresses }}", "description": "{{ description }}" } } username: !secret opnsense_api_key password: !secret opnsense_api_secret verify_ssl: false # Apply Firewall Changes opnsense_apply_firewall: url: "https://10.0.0.254/api/firewall/filter/apply" method: POST username: !secret opnsense_api_key password: !secret opnsense_api_secret verify_ssl: false # Create Block Rule for Alias opnsense_create_block_rule: url: "https://10.0.0.254/api/firewall/filter/addRule" method: POST headers: Content-Type: application/json payload: > { "rule": { "enabled": "1", "action": "block", "interface": "lan", "direction": "out", "ipprotocol": "inet", "protocol": "any", "source_net": "{{ alias_name }}", "destination_net": "any", "description": "{{ description }}", "log": "1" } } username: !secret opnsense_api_key password: !secret opnsense_api_secret verify_ssl: false # Automations automation: # Block All Bella Devices Toggle - id: block_all_bella_devices_on alias: "Block All Bella Devices - ON" trigger: - platform: state entity_id: input_boolean.block_all_bella_devices to: 'on' action: - service: input_boolean.turn_on target: entity_id: - input_boolean.block_bella_phone - input_boolean.block_bella_tablet - id: block_all_bella_devices_off alias: "Block All Bella Devices - OFF" trigger: - platform: state entity_id: input_boolean.block_all_bella_devices to: 'off' action: - service: input_boolean.turn_off target: entity_id: - input_boolean.block_bella_phone - input_boolean.block_bella_tablet # Block All Xander Devices Toggle - id: block_all_xander_devices_on alias: "Block All Xander Devices - ON" trigger: - platform: state entity_id: input_boolean.block_all_xander_devices to: 'on' action: - service: input_boolean.turn_on target: entity_id: - input_boolean.block_xander_phone - input_boolean.block_xander_desktop - id: block_all_xander_devices_off alias: "Block All Xander Devices - OFF" trigger: - platform: state entity_id: input_boolean.block_all_xander_devices to: 'off' action: - service: input_boolean.turn_off target: entity_id: - input_boolean.block_xander_phone - input_boolean.block_xander_desktop # Block All William Devices Toggle - id: block_all_william_devices_on alias: "Block All William Devices - ON" trigger: - platform: state entity_id: input_boolean.block_all_william_devices to: 'on' action: - service: input_boolean.turn_on target: entity_id: - input_boolean.block_william_phone - input_boolean.block_william_laptop - id: block_all_william_devices_off alias: "Block All William Devices - OFF" trigger: - platform: state entity_id: input_boolean.block_all_william_devices to: 'off' action: - service: input_boolean.turn_off target: entity_id: - input_boolean.block_william_phone - input_boolean.block_william_laptop # Update OPNsense when blocks change - id: update_opnsense_bella_blocks alias: "Update OPNsense - Bella Blocks" trigger: - platform: state entity_id: - input_boolean.block_bella_phone - input_boolean.block_bella_tablet action: - service: rest_command.opnsense_update_blocked_alias data: alias_uuid: "bella_blocked" alias_name: "Blocked_Bella" description: "Bella's Blocked Devices" mac_addresses: > {% set macs = [] %} {% if is_state('input_boolean.block_bella_phone', 'on') %} {% if states('input_text.mac_bella_phone') != '' %} {% set macs = macs + [states('input_text.mac_bella_phone')] %} {% endif %} {% if states('input_text.mac_bella_phone_wifi') != '' %} {% set macs = macs + [states('input_text.mac_bella_phone_wifi')] %} {% endif %} {% endif %} {% if is_state('input_boolean.block_bella_tablet', 'on') %} {% if states('input_text.mac_bella_tablet') != '' %} {% set macs = macs + [states('input_text.mac_bella_tablet')] %} {% endif %} {% if states('input_text.mac_bella_tablet_wifi') != '' %} {% set macs = macs + [states('input_text.mac_bella_tablet_wifi')] %} {% endif %} {% endif %} {{ macs | join('\n') }} - delay: seconds: 2 - service: rest_command.opnsense_apply_firewall - id: update_opnsense_xander_blocks alias: "Update OPNsense - Xander Blocks" trigger: - platform: state entity_id: - input_boolean.block_xander_phone - input_boolean.block_xander_desktop action: - service: rest_command.opnsense_update_blocked_alias data: alias_uuid: "xander_blocked" alias_name: "Blocked_Xander" description: "Xander's Blocked Devices" mac_addresses: > {% set macs = [] %} {% if is_state('input_boolean.block_xander_phone', 'on') %} {% if states('input_text.mac_xander_phone') != '' %} {% set macs = macs + [states('input_text.mac_xander_phone')] %} {% endif %} {% if states('input_text.mac_xander_phone_wifi') != '' %} {% set macs = macs + [states('input_text.mac_xander_phone_wifi')] %} {% endif %} {% endif %} {% if is_state('input_boolean.block_xander_desktop', 'on') %} {% if states('input_text.mac_xander_desktop') != '' %} {% set macs = macs + [states('input_text.mac_xander_desktop')] %} {% endif %} {% if states('input_text.mac_xander_desktop_wifi') != '' %} {% set macs = macs + [states('input_text.mac_xander_desktop_wifi')] %} {% endif %} {% endif %} {{ macs | join('\n') }} - delay: seconds: 2 - service: rest_command.opnsense_apply_firewall - id: update_opnsense_william_blocks alias: "Update OPNsense - William Blocks" trigger: - platform: state entity_id: - input_boolean.block_william_phone - input_boolean.block_william_laptop action: - service: rest_command.opnsense_update_blocked_alias data: alias_uuid: "william_blocked" alias_name: "Blocked_William" description: "William's Blocked Devices" mac_addresses: > {% set macs = [] %} {% if is_state('input_boolean.block_william_phone', 'on') %} {% if states('input_text.mac_william_phone') != '' %} {% set macs = macs + [states('input_text.mac_william_phone')] %} {% endif %} {% if states('input_text.mac_william_phone_wifi') != '' %} {% set macs = macs + [states('input_text.mac_william_phone_wifi')] %} {% endif %} {% endif %} {% if is_state('input_boolean.block_william_laptop', 'on') %} {% if states('input_text.mac_william_laptop') != '' %} {% set macs = macs + [states('input_text.mac_william_laptop')] %} {% endif %} {% if states('input_text.mac_william_laptop_wifi') != '' %} {% set macs = macs + [states('input_text.mac_william_laptop_wifi')] %} {% endif %} {% endif %} {{ macs | join('\n') }} - delay: seconds: 2 - service: rest_command.opnsense_apply_firewall