Technology – Blue Elysium https://blueelysium.net Thu, 11 Dec 2025 00:23:21 +0000 en-US hourly 1 https://wordpress.org/?v=7.0 https://blueelysium.net/wp-content/uploads/2023/03/small_fields._ethereal_03.png Technology – Blue Elysium https://blueelysium.net 32 32 UDMPro Managing Lists https://blueelysium.net/2025/12/11/udmpro-managing-lists/ https://blueelysium.net/2025/12/11/udmpro-managing-lists/#respond Thu, 11 Dec 2025 00:23:21 +0000 https://blueelysium.net/?p=943 Ever needed to manually edit lists outside of the ubiquiti interface.

I had several long lists of IPs that I want to deny. I update this list based on IPs I gather from my router logs each month. Rather cutting and pasting them each time I wanted to upload a file. The lists are json files that are managed by mongodb. Here is how you can interact with them (insert / update / delete)

Connection

Access your ubiquiti router via ssh.

SSH Access

ssh root@<udm-ip>

MongoDB Connection

mongo --port 27117

MongoDB runs on port 27117 (not default 27017).

Select Database

use ace

The UniFi database is named ace.

Querying Data

View Firewall Groups

// All firewall groups
db.firewallgroup.find().pretty()

// IP address groups only
db.firewallgroup.find({"group_type": "address-group"}).pretty()

// Port groups only
db.firewallgroup.find({"group_type": "port-group"}).pretty()

// IPv6 groups only
db.firewallgroup.find({"group_type": "ipv6-address-group"}).pretty()

// Summary view (names and members only)
db.firewallgroup.find({}, {name: 1, group_type: 1, group_members: 1, _id: 0}).pretty()

View Other Collections

// User/Client groups
db.usergroup.find().pretty()

// Network configurations
db.networkconf.find().pretty()

// List all collections
show collections

// List all databases
show dbs

One-liner Queries (from SSH)

mongo --port 27117 ace --eval "db.firewallgroup.find().pretty()"

Updating Data

Basic Update Operations

Replace Array

db.firewallgroup.updateOne(
  { "name": "YourGroupName" },
  { $set: { "group_members": ["192.168.1.10", "192.168.1.20", "192.168.1.30"] } }
)

Update Multiple Fields

db.firewallgroup.updateOne(
  { "name": "YourGroupName" },
  { $set: { 
      "group_members": ["192.168.1.10", "192.168.1.20"],
      "group_members_ipv6": []
    } 
  }
)

Add Single Item to Array

db.firewallgroup.updateOne(
  { "name": "YourGroupName" },
  { $addToSet: { "group_members": "192.168.1.50" } }
)

Add Multiple Items to Array

db.firewallgroup.updateOne(
  { "name": "YourGroupName" },
  { $addToSet: { "group_members": { $each: ["192.168.1.50", "192.168.1.51"] } } }
)

Remove Item from Array

db.firewallgroup.updateOne(
  { "name": "YourGroupName" },
  { $pull: { "group_members": "192.168.1.10" } }
)

MongoDB Update Operators

Operator Function
$set Set field value(s)
$unset Remove field
$addToSet Add to array (no duplicates)
$push Add to array (allows duplicates)
$pull Remove from array
$inc Increment number

Workflow

Recommended Update Sequence

// 1. Backup current document
var backup = db.firewallgroup.findOne({"name": "YourGroupName"})
printjson(backup)

// 2. Verify query matches exactly one document
db.firewallgroup.find({"name": "YourGroupName"})

// 3. Execute update
db.firewallgroup.updateOne(
  { "name": "YourGroupName" },
  { $set: { "group_members": ["192.168.1.10", "192.168.1.20"] } }
)

// 4. Verify update result
// Look for: { "acknowledged": true, "matchedCount": 1, "modifiedCount": 1 }

// 5. Confirm changes
db.firewallgroup.findOne({"name": "YourGroupName"})

Backup Database

mongodump --port 27117 --db ace --out /root/backup-$(date +%Y%m%d)

Restart UniFi Service

systemctl restart unifi

Restart required for controller to reload database changes.

Notes

  • Enable SSH in Settings → System → Advanced
  • Direct database modifications may be overwritten by controller
  • Backup before modifications
  • Verify query scope before executing updates
  • Check update result for matchedCount and modifiedCount
]]> https://blueelysium.net/2025/12/11/udmpro-managing-lists/feed/ 0