My primary goal in asking this question is how to kill established connections when turning on a firewall rule – though knowing how to run CLI commands in general would be great too. Turning FW rules on and off is easy. Setting up an automation to watch that and firing off a related action (like sending a command to pfSense) is easy. But the actual sending of the command to pfSense is what eludes me.
My current attempt uses the “kill_states” service. (I’ve also noticed that the stub YAML config for the pfSense integration also has an “exec_command” service, which seems to be used for sending a CLI command over ssh to the pfSense host. But I’ve tried using the Dev tools and haven’t been able to figure out how to configure the service to actually send a command.) My current attempt to use kill_states as an action in my automation is:
action:
  - service: pfsense.kill_states
    data:
      entity_id: binary_sensor.pfsense_localdomain_pending_notices_present
      source: 0.0.0.0/0
      destination: 192.168.0.193/24
  - service: pfsense.kill_states
    data:
      entity_id: binary_sensor.pfsense_localdomain_pending_notices_present
      source: 192.168.0.193/24
      destination: 0.0.0.0/0
(.193 is my son’s gaming laptop)
But I do not see “pfsense_lan_pending_notices_present” nor anything like it in all of my pfSense entities in HA (enabled or disabled). In fact, I have no idea what it means; I just saw this binary_sensor in another post.
How can I move forward with this?
Thanks.