Download OpenAPI specification:
pfSense® Plus software is a widely deployed, robust, and easy to use firewall solution. This repository contains the set of packages to extend the powerful management capabilities of pfSense Plus through the availability a RESTful interface provided by the pfSense Multi-instance Management Controller.
This API schema is provided for language agnostic client implementations. The schema generated document can be viewed here: netgate.github.io/pfsense-api
Authentication Operations: Use the functions in this namespace to login to the Controller and obtain the session token required for issuing API requests.
Login to pfSense. If the JWT access token is not provided, then a new one is allocated. A JWT refresh token is also applied to cookie. The client can refresh the access token, while the refresh token is still valid, by calling RefreshAccessToken (POST /login/refresh).
| username required | string base64 encoded |
| password required | string base64 encoded |
| secondfactor | string |
{- "username": "string",
- "password": "string",
- "secondfactor": "string"
}{- "token": "string",
- "user": "string",
- "version": "string",
- "alerts": [
- "string"
]
}| username | string |
{- "username": "string"
}{- "token": "string",
- "user": "string",
- "version": "string",
- "alerts": [
- "string"
]
}This function triggers an SSO authentication with the SAML service. A few redirections will take place before the completion which will return a LoginResponse payload.
| name required | string |
{- "token": "string",
- "user": "string",
- "version": "string",
- "alerts": [
- "string"
]
}Fetch the list of external login service providers that have been configured on this controller, such as: SAML, OAuth. The returned data is a list of labels to for the service and its associated URL to proceed with the login.
If no service has been configured, then an empty list is returned.
{- "providers": [
- {
- "label": "string",
- "url": "string"
}
]
}| authtype | string |
| username | string |
| password | string |
{- "authtype": "string",
- "username": "string",
- "password": "string"
}{- "authenticated": true
}{- "build": "string",
- "api_version": "string",
- "host": "string",
- "host_os": {
- "property1": "string",
- "property2": "string"
}, - "pubkey": "string",
- "tls_pubkey": "string",
- "tls_key_id": "string",
- "public_addresses": [
- "string"
], - "mim_vpn_addr": "string",
- "stats": {
- "uptime": 0,
- "started": 0,
- "mem_total": 0,
- "mem_used": 0,
- "storage": [
- {
- "volume": "string",
- "device": "string",
- "capacity": 0,
- "used": 0
}
], - "cpu_load": [
- 0
], - "admin_logins": 0,
- "systems_total": 0,
- "systems_online": 0,
- "systems_failed": 0,
- "mesh": {
- "devices_total": 0,
- "devices_online": 0,
- "vpn_conns": [
- {
- "vpn_type": "string",
- "vpn_name": "string",
- "subnets": [
- "string"
], - "conns": "string"
}
]
}, - "admin_sessions": [
- {
- "identity": "string",
- "at": 0,
- "at_str": "string"
}
], - "timestamp": 0
}
}| device_name | string |
| type | string debug, info (default), warning, error, critical |
| from_ts | integer millisecond timestamp of starting log time |
| to_ts | integer millisecond timestamp of ending log time |
| class | string source class of the log, for example - auth, config, cron, controller |
{- "entries": [
- {
- "type": "string",
- "timestamp": 0,
- "timestr": "string",
- "device_name": "string",
- "device_address": "string",
- "class": "string",
- "message": "string"
}
]
}| action | string Enum: "restart" "reload" "stop" Action to carry out [restart, reload, stop] |
{- "action": "restart"
}{- "result": "string"
}{- "uptime": 0,
- "started": 0,
- "mem_total": 0,
- "mem_used": 0,
- "storage": [
- {
- "volume": "string",
- "device": "string",
- "capacity": 0,
- "used": 0
}
], - "cpu_load": [
- 0
], - "admin_logins": 0,
- "systems_total": 0,
- "systems_online": 0,
- "systems_failed": 0,
- "mesh": {
- "devices_total": 0,
- "devices_online": 0,
- "vpn_conns": [
- {
- "vpn_type": "string",
- "vpn_name": "string",
- "subnets": [
- "string"
], - "conns": "string"
}
]
}, - "admin_sessions": [
- {
- "identity": "string",
- "at": 0,
- "at_str": "string"
}
], - "timestamp": 0
}Detect system events or alerts that need to be attended to. Calling this function will block the client, and it should therefore be done on a dedicated connection from other API requests. Each event returned in the events list has an event_id, which can be used as a tracker for retrieving the next set of events.
parameters:
| last_id | integer last seen ID |
{- "events": [
- {
- "event_type": "string",
- "event_id": 0,
- "firewall": {
- "intf_name": "string",
- "action": "string",
- "rule_type": "string",
- "filter": {
- "id": "string",
- "fwids": "string",
- "disabled": true,
- "readonly": true,
- "floating": true,
- "ethernet": true,
- "gateway": "string",
- "tracker": "string",
- "type": "string",
- "interface": "string",
- "ipprotocol": "string",
- "tag": "string",
- "tagged": "string",
- "max": "string",
- "max_src_nodes": "string",
- "max_src_conn": "string",
- "max_src_states": "string",
- "statetimeout": "string",
- "statepolicy": "string",
- "statetype": "string",
- "state": {
- "id": "string",
- "tracker": "string",
- "label": "string",
- "evaluations": 0,
- "packets": 0,
- "bytes": 0,
- "states": 0,
- "pid": 0,
- "state_creations": 0
}, - "os": "string",
- "protocol": "string",
- "direction": "string",
- "quick": true,
- "log": true,
- "dscp": "string",
- "allowopts": true,
- "disablereplyto": true,
- "nottagged": true,
- "pflow": "string",
- "max_src_conn_rate": "string",
- "max_src_conn_rates": "string",
- "tcpflags1": "string",
- "tcpflags2": "string",
- "tcpflags1_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags2_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags_any": true,
- "icmptype": "string",
- "nopfsync": true,
- "nosync": true,
- "vlanprio": "string",
- "vlanprioset": "string",
- "dnpipe": "string",
- "pdnpipe": "string",
- "ackqueue": "string",
- "defaultqueue": "string",
- "bridgeto": "string",
- "source": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "sched": "string",
- "destination": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "descr": "string",
- "srcmac": "string",
- "dstmac": "string",
- "nat": {
- "enabled": true,
- "source": "string",
- "type": "string"
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "created": {
- "time": "string",
- "username": "string"
}, - "associated_rule_id": "string"
}, - "nat": {
- "id": "string",
- "associated_rule_id": "string",
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "filter_rule_association": "string",
- "interface": "string",
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "natreflection": "string",
- "nordr": true,
- "protocol": "string",
- "ipprotocol": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "nosync": true
}, - "nat1to1": {
- "id": "string",
- "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "external": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "interface": "string",
- "ipprotocol": "string",
- "nobinat": true,
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}
}, - "natout": {
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "id": "string",
- "interface": "string",
- "ipprotocol": "string",
- "nonat": true,
- "nosync": true,
- "eimnat": true,
- "protocol": "string",
- "poolopts": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "source-hash-key": "string",
- "staticnatport": true,
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}
}, - "npt": {
- "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "not": true,
- "type": "string"
}, - "id": "string",
- "interface": "string",
- "source": {
- "address": "string",
- "not": true,
- "type": "string"
}
}, - "separator": {
- "id": "string",
- "row": "string",
- "text": "string",
- "color": "string",
- "if": "string"
}
}, - "interface": {
- "name": "string",
- "friendly_name": "string",
- "state": "string",
- "speed": 0
}, - "system": {
- "message": "string",
- "level": "string"
}, - "config": {
- "dirty_subsystems": [
- {
- "name": "string",
- "descr": "string",
- "file": "string"
}
], - "reboot_required": true,
- "change_message": "string"
}, - "resource_alert": {
- "device_key": "string",
- "hostname": "string",
- "alert": {
- "conditions": [
- {
- "resource": "string",
- "path": "string",
- "threshold": 0,
- "value": 0,
- "duration_s": 0
}
]
}
}
}
]
}{- "admin": {
- "webguiproto": "string",
- "webguiport": "string",
- "max_procs": 0,
- "disablehttpredirect": true,
- "disablehsts": true,
- "ocsp_staple": true,
- "disableconsolemenu": true,
- "noantilockout": true,
- "nodnsrebindcheck": true,
- "nohttpreferercheck": true,
- "pagenamefirst": true,
- "loginautocomplete": true,
- "althostnames": "string",
- "enableserial": true,
- "serialspeed": "string",
- "primaryconsole": "string",
- "sshport": "string",
- "enablesshd": true,
- "sshdkeyonly": "string",
- "sshdagentforwarding": true,
- "quietlogin": true,
- "roaming": true,
- "sshguard_threshold": "string",
- "sshguard_blocktime": "string",
- "sshguard_detection_time": "string",
- "sshguard_whitelist": "string",
- "ssl_certref": "string",
- "certsavailable": true,
- "certlist": [
- {
- "id": "string",
- "descr": "string"
}
], - "enableserial_force": true
}
}object (SystemAdvAdmin) |
{- "admin": {
- "webguiproto": "string",
- "webguiport": "string",
- "max_procs": 0,
- "disablehttpredirect": true,
- "disablehsts": true,
- "ocsp_staple": true,
- "disableconsolemenu": true,
- "noantilockout": true,
- "nodnsrebindcheck": true,
- "nohttpreferercheck": true,
- "pagenamefirst": true,
- "loginautocomplete": true,
- "althostnames": "string",
- "enableserial": true,
- "serialspeed": "string",
- "primaryconsole": "string",
- "sshport": "string",
- "enablesshd": true,
- "sshdkeyonly": "string",
- "sshdagentforwarding": true,
- "quietlogin": true,
- "roaming": true,
- "sshguard_threshold": "string",
- "sshguard_blocktime": "string",
- "sshguard_detection_time": "string",
- "sshguard_whitelist": "string",
- "ssl_certref": "string",
- "certsavailable": true,
- "certlist": [
- {
- "id": "string",
- "descr": "string"
}
], - "enableserial_force": true
}
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "firewall": {
- "adaptiveend": "string",
- "adaptivestart": "string",
- "aliasesresolveinterval": "string",
- "bogonsinterval": "string",
- "bypassstaticroutes": true,
- "checkaliasesurlcert": true,
- "disablefilter": true,
- "disablenegate": true,
- "disablereplyto": true,
- "disablescrub": true,
- "disablevpnrules": true,
- "enablebinatreflection": true,
- "enablenatreflectionhelper": true,
- "enableethfilter": true,
- "icmperrortimeout": "string",
- "icmpfirsttimeout": "string",
- "maximumfrags": "string",
- "maximumstates": "string",
- "maximumtableentries": "string",
- "maxmss": "string",
- "maxmss_enable": true,
- "vpn_fragment_reassemble": true,
- "natreflection": "string",
- "no_apipa_block": true,
- "optimization": "string",
- "otherfirsttimeout": "string",
- "othermultipletimeout": "string",
- "othersingletimeout": "string",
- "reflectiontimeout": "string",
- "scrubnodf": true,
- "scrubrnid": true,
- "sctpfirsttimeout": "string",
- "sctpopeningtimeout": "string",
- "sctpestablishedtimeout": "string",
- "sctpclosingtimeout": "string",
- "sctpclosedtimeout": "string",
- "statepolicy": "string",
- "disable_auto_floating_states": true,
- "tcpclosedtimeout": "string",
- "tcpclosingtimeout": "string",
- "tcpestablishedtimeout": "string",
- "tcpfinwaittimeout": "string",
- "tcpfirsttimeout": "string",
- "tcpopeningtimeout": "string",
- "tcptsdifftimeout": "string",
- "tftpinterface": [
- "string"
], - "udpfirsttimeout": "string",
- "udpmultipletimeout": "string",
- "udpsingletimeout": "string",
- "allow_nat64_prefix_override": true
}, - "interfaces": [
- {
- "text": "string",
- "value": "string"
}
]
}| adaptiveend | string |
| adaptivestart | string |
| aliasesresolveinterval | string |
| bogonsinterval | string |
| bypassstaticroutes | boolean |
| checkaliasesurlcert | boolean |
| disablefilter | boolean |
| disablenegate | boolean |
| disablereplyto | boolean |
| disablescrub | boolean |
| disablevpnrules | boolean |
| enablebinatreflection | boolean |
| enablenatreflectionhelper | boolean |
| enableethfilter | boolean |
| icmperrortimeout | string |
| icmpfirsttimeout | string |
| maximumfrags | string |
| maximumstates | string |
| maximumtableentries | string |
| maxmss | string |
| maxmss_enable | boolean |
| vpn_fragment_reassemble | boolean |
| natreflection | string |
| no_apipa_block | boolean |
| optimization | string |
| otherfirsttimeout | string |
| othermultipletimeout | string |
| othersingletimeout | string |
| reflectiontimeout | string |
| scrubnodf | boolean |
| scrubrnid | boolean |
| sctpfirsttimeout | string |
| sctpopeningtimeout | string |
| sctpestablishedtimeout | string |
| sctpclosingtimeout | string |
| sctpclosedtimeout | string |
| statepolicy | string |
| disable_auto_floating_states | boolean allow IPsec rules to automatically use floating states where needed |
| tcpclosedtimeout | string |
| tcpclosingtimeout | string |
| tcpestablishedtimeout | string |
| tcpfinwaittimeout | string |
| tcpfirsttimeout | string |
| tcpopeningtimeout | string |
| tcptsdifftimeout | string |
| tftpinterface | Array of strings |
| udpfirsttimeout | string |
| udpmultipletimeout | string |
| udpsingletimeout | string |
| allow_nat64_prefix_override | boolean Allow overriding the NAT64 prefix used in rules and services |
{- "adaptiveend": "string",
- "adaptivestart": "string",
- "aliasesresolveinterval": "string",
- "bogonsinterval": "string",
- "bypassstaticroutes": true,
- "checkaliasesurlcert": true,
- "disablefilter": true,
- "disablenegate": true,
- "disablereplyto": true,
- "disablescrub": true,
- "disablevpnrules": true,
- "enablebinatreflection": true,
- "enablenatreflectionhelper": true,
- "enableethfilter": true,
- "icmperrortimeout": "string",
- "icmpfirsttimeout": "string",
- "maximumfrags": "string",
- "maximumstates": "string",
- "maximumtableentries": "string",
- "maxmss": "string",
- "maxmss_enable": true,
- "vpn_fragment_reassemble": true,
- "natreflection": "string",
- "no_apipa_block": true,
- "optimization": "string",
- "otherfirsttimeout": "string",
- "othermultipletimeout": "string",
- "othersingletimeout": "string",
- "reflectiontimeout": "string",
- "scrubnodf": true,
- "scrubrnid": true,
- "sctpfirsttimeout": "string",
- "sctpopeningtimeout": "string",
- "sctpestablishedtimeout": "string",
- "sctpclosingtimeout": "string",
- "sctpclosedtimeout": "string",
- "statepolicy": "string",
- "disable_auto_floating_states": true,
- "tcpclosedtimeout": "string",
- "tcpclosingtimeout": "string",
- "tcpestablishedtimeout": "string",
- "tcpfinwaittimeout": "string",
- "tcpfirsttimeout": "string",
- "tcpopeningtimeout": "string",
- "tcptsdifftimeout": "string",
- "tftpinterface": [
- "string"
], - "udpfirsttimeout": "string",
- "udpmultipletimeout": "string",
- "udpsingletimeout": "string",
- "allow_nat64_prefix_override": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "misc": {
- "available_kernel_memory": 0,
- "block_external_services": true,
- "crypto_hardware": "string",
- "do_not_send_uniqueid": true,
- "dpinger_dont_add_static_routes": true,
- "gw_down_kill_states": "string",
- "harddiskstandby": "string",
- "hwpstate": true,
- "hwpstate_control_level": "string",
- "hwpstate_epp": 0,
- "ipsec_mb": true,
- "keep_failover_states": true,
- "lb_use_sticky": true,
- "mds": "string",
- "mds_disable": "string",
- "php_memory_limit": 0,
- "powerd_ac_mode": "string",
- "powerd_battery_mode": "string",
- "powerd_enable": true,
- "powerd_normal_mode": "string",
- "proxypass": "string",
- "proxypass_confirm": "string",
- "proxyport": 0,
- "proxyurl": "string",
- "proxyuser": "string",
- "pti": "string",
- "pti_disabled": true,
- "remove_failover_states_default": "string",
- "schedule_states": true,
- "skip_rules_gw_down": true,
- "srctrack": "string",
- "thermal_hardware": "string",
- "use_mfs_tmp_size": 0,
- "use_mfs_tmpvar": true,
- "use_mfs_var_size": 0,
- "watchdogd_enable": true,
- "watchdogd_timeout": "string",
- "rrdbackup": 0,
- "dhcpbackup": 0,
- "logsbackup": 0,
- "captiveportalbackup": 0
}
}object (AdvMisc) |
{- "misc": {
- "available_kernel_memory": 0,
- "block_external_services": true,
- "crypto_hardware": "string",
- "do_not_send_uniqueid": true,
- "dpinger_dont_add_static_routes": true,
- "gw_down_kill_states": "string",
- "harddiskstandby": "string",
- "hwpstate": true,
- "hwpstate_control_level": "string",
- "hwpstate_epp": 0,
- "ipsec_mb": true,
- "keep_failover_states": true,
- "lb_use_sticky": true,
- "mds": "string",
- "mds_disable": "string",
- "php_memory_limit": 0,
- "powerd_ac_mode": "string",
- "powerd_battery_mode": "string",
- "powerd_enable": true,
- "powerd_normal_mode": "string",
- "proxypass": "string",
- "proxypass_confirm": "string",
- "proxyport": 0,
- "proxyurl": "string",
- "proxyuser": "string",
- "pti": "string",
- "pti_disabled": true,
- "remove_failover_states_default": "string",
- "schedule_states": true,
- "skip_rules_gw_down": true,
- "srctrack": "string",
- "thermal_hardware": "string",
- "use_mfs_tmp_size": 0,
- "use_mfs_tmpvar": true,
- "use_mfs_var_size": 0,
- "watchdogd_enable": true,
- "watchdogd_timeout": "string",
- "rrdbackup": 0,
- "dhcpbackup": 0,
- "logsbackup": 0,
- "captiveportalbackup": 0
}
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "networking": {
- "disablechecksumoffloading": true,
- "disablesegmentationoffloading": true,
- "disablelargereceiveoffloading": true,
- "dhcp6debug": true,
- "dhcp6norelease": true,
- "hnaltqenable": true,
- "ignoreiscwarning": true,
- "ip_change_kill_states": true,
- "ipv6allow": true,
- "ipv6dontcreatelocaldns": true,
- "ipv6nat_enable": true,
- "prefer_ipv4": true,
- "sharednet": true,
- "radvddebug": true,
- "duid": "string",
- "global_v6duid": "string",
- "ipv6duiden_en": "string",
- "ipv6duiden_id": "string",
- "ipv6duidll": "string",
- "ipv6duidllt_ll": "string",
- "ipv6duidllt_time": "string",
- "ipv6duidtype": "string",
- "ipv6duiduuid": "string",
- "ipv6nat_ipaddr": "string",
- "dhcpbackend": "string",
- "use_if_pppoe": true
}
}| disablechecksumoffloading | boolean |
| disablesegmentationoffloading | boolean |
| disablelargereceiveoffloading | boolean |
| dhcp6debug | boolean |
| dhcp6norelease | boolean |
| hnaltqenable | boolean |
| ignoreiscwarning | boolean |
| ip_change_kill_states | boolean |
| ipv6allow | boolean |
| ipv6dontcreatelocaldns | boolean |
| ipv6nat_enable | boolean |
| prefer_ipv4 | boolean |
| sharednet | boolean |
| radvddebug | boolean |
| duid | string |
| global_v6duid | string |
| ipv6duiden_en | string |
| ipv6duiden_id | string |
| ipv6duidll | string |
| ipv6duidllt_ll | string |
| ipv6duidllt_time | string |
| ipv6duidtype | string |
| ipv6duiduuid | string |
| ipv6nat_ipaddr | string |
| dhcpbackend | string |
| use_if_pppoe | boolean |
{- "disablechecksumoffloading": true,
- "disablesegmentationoffloading": true,
- "disablelargereceiveoffloading": true,
- "dhcp6debug": true,
- "dhcp6norelease": true,
- "hnaltqenable": true,
- "ignoreiscwarning": true,
- "ip_change_kill_states": true,
- "ipv6allow": true,
- "ipv6dontcreatelocaldns": true,
- "ipv6nat_enable": true,
- "prefer_ipv4": true,
- "sharednet": true,
- "radvddebug": true,
- "duid": "string",
- "global_v6duid": "string",
- "ipv6duiden_en": "string",
- "ipv6duiden_id": "string",
- "ipv6duidll": "string",
- "ipv6duidllt_ll": "string",
- "ipv6duidllt_time": "string",
- "ipv6duidtype": "string",
- "ipv6duiduuid": "string",
- "ipv6nat_ipaddr": "string",
- "dhcpbackend": "string",
- "use_if_pppoe": true
}{- "reboot_msg": "string"
}{- "notifications": {
- "cert_enable_notify": true,
- "disablebeep": true,
- "disable_smtp": true,
- "enable_pushover": true,
- "enable_telegram": true,
- "smtpssl": true,
- "sslvalidate": true,
- "api": "string",
- "certexpiredays": 0,
- "chatid": "string",
- "pushoverapikey": "string",
- "pushoverexpire": 0,
- "pushoverpriority": "string",
- "pushoverretry": 0,
- "pushoversound": "string",
- "pushoveruserkey": "string",
- "smtpauthmech": "string",
- "smtpfromaddress": "string",
- "smtpipaddress": "string",
- "smtpnotifyemailaddress": "string",
- "smtppassword": "string",
- "smtppassword_confirm": "string",
- "smtpport": "string",
- "smtptimeout": 0,
- "smtpusername": "string",
- "save": true,
- "test_slack": true,
- "test_smtp": true,
- "test_telegram": true,
- "test_pushover": true,
- "revoked_cert_ignore_notify": true,
- "enable_slack": true,
- "slack_api": "string",
- "slack_channel": "string"
}
}object (AdvNotificationSetting) |
{- "notifications": {
- "cert_enable_notify": true,
- "disablebeep": true,
- "disable_smtp": true,
- "enable_pushover": true,
- "enable_telegram": true,
- "smtpssl": true,
- "sslvalidate": true,
- "api": "string",
- "certexpiredays": 0,
- "chatid": "string",
- "pushoverapikey": "string",
- "pushoverexpire": 0,
- "pushoverpriority": "string",
- "pushoverretry": 0,
- "pushoversound": "string",
- "pushoveruserkey": "string",
- "smtpauthmech": "string",
- "smtpfromaddress": "string",
- "smtpipaddress": "string",
- "smtpnotifyemailaddress": "string",
- "smtppassword": "string",
- "smtppassword_confirm": "string",
- "smtpport": "string",
- "smtptimeout": 0,
- "smtpusername": "string",
- "save": true,
- "test_slack": true,
- "test_smtp": true,
- "test_telegram": true,
- "test_pushover": true,
- "revoked_cert_ignore_notify": true,
- "enable_slack": true,
- "slack_api": "string",
- "slack_channel": "string"
}
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "tunable": {
- "tunable": "string",
- "value": "string",
- "descr": "string",
- "modified": true
}, - "id": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| cert_path | string |
| key_path | string |
{- "cert_path": "string",
- "key_path": "string"
}{- "result": "string"
}{- "envs": {
- "property1": {
- "creation_nice": "string",
- "used_nice": 0,
- "version": "string",
- "name": "string",
- "mounted": "string",
- "activate_title": "string",
- "dataset": "string",
- "prior": "string",
- "creation": "string",
- "usedrefreserv": "string",
- "used": "string",
- "upgrading": true,
- "active": true,
- "nextboot": true,
- "activate_icon": "string",
- "lastbooted_nice": "string",
- "usedsnap": "string",
- "descr": "string",
- "failed": true,
- "referenced": "string",
- "mountpoint": "string",
- "bootonce": true,
- "origin": "string",
- "useds": "string",
- "protect": true
}, - "property2": {
- "creation_nice": "string",
- "used_nice": 0,
- "version": "string",
- "name": "string",
- "mounted": "string",
- "activate_title": "string",
- "dataset": "string",
- "prior": "string",
- "creation": "string",
- "usedrefreserv": "string",
- "used": "string",
- "upgrading": true,
- "active": true,
- "nextboot": true,
- "activate_icon": "string",
- "lastbooted_nice": "string",
- "usedsnap": "string",
- "descr": "string",
- "failed": true,
- "referenced": "string",
- "mountpoint": "string",
- "bootonce": true,
- "origin": "string",
- "useds": "string",
- "protect": true
}
}
}| name required | string |
| descr | string |
| from required | string |
| protect | boolean |
{- "name": "string",
- "descr": "string",
- "from": "string",
- "protect": true
}{- "result": "string"
}| name | string |
| temp | boolean |
{- "name": "string",
- "temp": true
}{- "envs": {
- "property1": {
- "creation_nice": "string",
- "used_nice": 0,
- "version": "string",
- "name": "string",
- "mounted": "string",
- "activate_title": "string",
- "dataset": "string",
- "prior": "string",
- "creation": "string",
- "usedrefreserv": "string",
- "used": "string",
- "upgrading": true,
- "active": true,
- "nextboot": true,
- "activate_icon": "string",
- "lastbooted_nice": "string",
- "usedsnap": "string",
- "descr": "string",
- "failed": true,
- "referenced": "string",
- "mountpoint": "string",
- "bootonce": true,
- "origin": "string",
- "useds": "string",
- "protect": true
}, - "property2": {
- "creation_nice": "string",
- "used_nice": 0,
- "version": "string",
- "name": "string",
- "mounted": "string",
- "activate_title": "string",
- "dataset": "string",
- "prior": "string",
- "creation": "string",
- "usedrefreserv": "string",
- "used": "string",
- "upgrading": true,
- "active": true,
- "nextboot": true,
- "activate_icon": "string",
- "lastbooted_nice": "string",
- "usedsnap": "string",
- "descr": "string",
- "failed": true,
- "referenced": "string",
- "mountpoint": "string",
- "bootonce": true,
- "origin": "string",
- "useds": "string",
- "protect": true
}
}
}| name required | string |
| old_name required | string |
| name | string |
| descr | string |
| protect | boolean |
{- "old_name": "string",
- "name": "string",
- "descr": "string",
- "protect": true
}{- "result": "string"
}{- "cas": [
- {
- "name": "string",
- "refid": "string",
- "internal": true,
- "issuer": "string",
- "certificates": 0,
- "inuse": [
- "string"
], - "trust": true,
- "randomize_serial": true,
- "next_serial": 0,
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}
}
]
}Add a new Certificate Authority. The input must provide one of the method structures which contain the parameters to generate the certificate from. If an existing certificate is to be used, the method_existing must contain the certificate and the private key associated with it.
The input NewCaCertReq object must have a name provided, and one of the method_xxxxx
providing the certificate creation options.
| name required | string |
| trust | boolean |
| randomize_serial | boolean |
object (CaCertMethodNew) Options for creating/updating an internal CA certificate. The values for internal and intermediate certificates are the same, with the exception that the intermediate certificate is signed by a CA referenced by caref. For key type, size and options, query /system/certopts for the supported values.
| |
object (CaCertMethodExisting) Existing PEM certificate and key, either in PEM format or base64-encoded | |
object (CaCertMethodNew) Options for creating/updating an internal CA certificate. The values for internal and intermediate certificates are the same, with the exception that the intermediate certificate is signed by a CA referenced by caref. For key type, size and options, query /system/certopts for the supported values.
|
{- "name": "string",
- "trust": true,
- "randomize_serial": true,
- "method_internal": {
- "key_type": "string",
- "key_size": 0,
- "key_opt": "string",
- "digest_alg": "string",
- "lifetime": 0,
- "cn": "string",
- "country_code": "string",
- "state": "string",
- "city": "string",
- "org": "string",
- "ou": "string",
- "caref": "string"
}, - "method_existing": {
- "cert": "string",
- "private_key": "string",
- "next_serial": 0
}, - "method_intermediate": {
- "key_type": "string",
- "key_size": 0,
- "key_opt": "string",
- "digest_alg": "string",
- "lifetime": 0,
- "cn": "string",
- "country_code": "string",
- "state": "string",
- "city": "string",
- "org": "string",
- "ou": "string",
- "caref": "string"
}
}{- "name": "string",
- "refid": "string",
- "internal": true,
- "issuer": "string",
- "certificates": 0,
- "inuse": [
- "string"
], - "trust": true,
- "randomize_serial": true,
- "next_serial": 0,
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}
}| refid required | string |
{- "name": "string",
- "refid": "string",
- "internal": true,
- "issuer": "string",
- "certificates": 0,
- "inuse": [
- "string"
], - "trust": true,
- "randomize_serial": true,
- "next_serial": 0,
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}
}{- "cas": [
- {
- "name": "string",
- "refid": "string",
- "internal": true,
- "issuer": "string",
- "certificates": 0,
- "inuse": [
- "string"
], - "trust": true,
- "randomize_serial": true,
- "next_serial": 0,
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}
}
]
}| refid required | string |
| name required | string |
| trust | boolean |
| randomize_serial | boolean |
object (CaCertMethodNew) Options for creating/updating an internal CA certificate. The values for internal and intermediate certificates are the same, with the exception that the intermediate certificate is signed by a CA referenced by caref. For key type, size and options, query /system/certopts for the supported values.
| |
object (CaCertMethodExisting) Existing PEM certificate and key, either in PEM format or base64-encoded | |
object (CaCertMethodNew) Options for creating/updating an internal CA certificate. The values for internal and intermediate certificates are the same, with the exception that the intermediate certificate is signed by a CA referenced by caref. For key type, size and options, query /system/certopts for the supported values.
|
{- "name": "string",
- "trust": true,
- "randomize_serial": true,
- "method_internal": {
- "key_type": "string",
- "key_size": 0,
- "key_opt": "string",
- "digest_alg": "string",
- "lifetime": 0,
- "cn": "string",
- "country_code": "string",
- "state": "string",
- "city": "string",
- "org": "string",
- "ou": "string",
- "caref": "string"
}, - "method_existing": {
- "cert": "string",
- "private_key": "string",
- "next_serial": 0
}, - "method_intermediate": {
- "key_type": "string",
- "key_size": 0,
- "key_opt": "string",
- "digest_alg": "string",
- "lifetime": 0,
- "cn": "string",
- "country_code": "string",
- "state": "string",
- "city": "string",
- "org": "string",
- "ou": "string",
- "caref": "string"
}
}{- "name": "string",
- "refid": "string",
- "internal": true,
- "issuer": "string",
- "certificates": 0,
- "inuse": [
- "string"
], - "trust": true,
- "randomize_serial": true,
- "next_serial": 0,
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}| refid required | string |
| reusekey | boolean |
| reuseserial | boolean |
| strictsecurity | boolean |
{- "reusekey": true,
- "reuseserial": true,
- "strictsecurity": true
}{- "name": "string",
- "refid": "string",
- "internal": true,
- "issuer": "string",
- "certificates": 0,
- "inuse": [
- "string"
], - "trust": true,
- "randomize_serial": true,
- "next_serial": 0,
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}
}{- "certs": [
- {
- "refid": "string",
- "descr": "string",
- "crt": "string",
- "csr": "string",
- "caref": "string",
- "cadata": "string",
- "ends": "string",
- "inuse": "string",
- "issuer": "string",
- "prv": "string",
- "starts": "string",
- "subj": "string",
- "type": "string",
- "name": "string",
- "dn": "string",
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}, - "can_renew": true
}
]
}Add a certificate, CSR or sign CSR request. The NewCertReq method can contain one of:
| name | string |
| descr | string |
| description | string |
| userid | integer |
object (CertMethodNew) Options for creating/updating an internal certificate. For key type, size and options, query /system/certopts for the supported values.
| |
object (CertMethodExistingPEM) Existing PEM certificate and key, either in PEM/pkcs12 format or base64-encoded | |
object (CertMethodExistingPkcs12) Existing PKCS12 certificate and key; the PKCS12 payload is to be sent as a file upload part in a multi-part request, otherwise it can be included as pkcs12_b64 directly within this structure. | |
object (CertMethodSigningRequest) | |
object (CertMethodSignCSR) Sign a certificate signing request with the selected CA. An existing csr_refid or new CSR (base64 encoded "csr") must be provided. |
{- "name": "string",
- "descr": "string",
- "description": "string",
- "userid": 0,
- "method_internal": {
- "caref": "string",
- "key_type": "string",
- "key_size": 0,
- "key_opt": "string",
- "digest_alg": "string",
- "lifetime": 0,
- "cn": "string",
- "country_code": "string",
- "state": "string",
- "city": "string",
- "org": "string",
- "ou": "string",
- "server_cert": true,
- "alt_names": [
- {
- "type": "string",
- "value": "string"
}
]
}, - "method_existing_pem": {
- "cert": "string",
- "private_key": "string"
}, - "method_existing_pkcs12": {
- "password": "string",
- "intermediates": true,
- "pkcs12_b64": "string"
}, - "method_csr": {
- "key_type": "string",
- "key_size": 0,
- "key_opt": "string",
- "digest_alg": "string",
- "cn": "string",
- "country_code": "string",
- "state": "string",
- "city": "string",
- "org": "string",
- "ou": "string",
- "server_cert": true,
- "alt_names": [
- {
- "type": "string",
- "value": "string"
}
]
}, - "method_sign": {
- "caref": "string",
- "csr_refid": "string",
- "csr": "string",
- "priv_key": "string",
- "lifetime": 0,
- "digest_alg": "string",
- "server_cert": true,
- "alt_names": [
- {
- "type": "string",
- "value": "string"
}
]
}
}{- "refid": "string",
- "descr": "string",
- "crt": "string",
- "csr": "string",
- "caref": "string",
- "cadata": "string",
- "ends": "string",
- "inuse": "string",
- "issuer": "string",
- "prv": "string",
- "starts": "string",
- "subj": "string",
- "type": "string",
- "name": "string",
- "dn": "string",
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}, - "can_renew": true
}object (NewCertReq) Request for creating a cert or updating an existing one.
| |
| pkcs12file | string <binary> |
{- "refid": "string",
- "descr": "string",
- "crt": "string",
- "csr": "string",
- "caref": "string",
- "cadata": "string",
- "ends": "string",
- "inuse": "string",
- "issuer": "string",
- "prv": "string",
- "starts": "string",
- "subj": "string",
- "type": "string",
- "name": "string",
- "dn": "string",
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}, - "can_renew": true
}{- "cert": {
- "refid": "string",
- "descr": "string",
- "crt": "string",
- "csr": "string",
- "caref": "string",
- "cadata": "string",
- "ends": "string",
- "inuse": "string",
- "issuer": "string",
- "prv": "string",
- "starts": "string",
- "subj": "string",
- "type": "string",
- "name": "string",
- "dn": "string",
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}, - "can_renew": true
}
}{- "certs": [
- {
- "refid": "string",
- "descr": "string",
- "crt": "string",
- "csr": "string",
- "caref": "string",
- "cadata": "string",
- "ends": "string",
- "inuse": "string",
- "issuer": "string",
- "prv": "string",
- "starts": "string",
- "subj": "string",
- "type": "string",
- "name": "string",
- "dn": "string",
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}, - "can_renew": true
}
]
}| refid required | string |
| name | string |
| descr | string |
| description | string |
object (CertMethodExistingPEM) Existing PEM certificate and key, either in PEM/pkcs12 format or base64-encoded | |
object (CertMethodExistingPkcs12) Existing PKCS12 certificate and key; the PKCS12 payload is to be sent as a file upload part in a multi-part request, otherwise it can be included as pkcs12_b64 directly within this structure. |
{- "name": "string",
- "descr": "string",
- "description": "string",
- "method_existing_pem": {
- "cert": "string",
- "private_key": "string"
}, - "method_existing_pkcs12": {
- "password": "string",
- "intermediates": true,
- "pkcs12_b64": "string"
}
}{- "refid": "string",
- "descr": "string",
- "crt": "string",
- "csr": "string",
- "caref": "string",
- "cadata": "string",
- "ends": "string",
- "inuse": "string",
- "issuer": "string",
- "prv": "string",
- "starts": "string",
- "subj": "string",
- "type": "string",
- "name": "string",
- "dn": "string",
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}, - "can_renew": true
}| refid required | string |
object (UpdatePKCS12CertReq) Update the certificate with PKCS12 appended file upload | |
| pcsk12file | string <binary> |
{- "refid": "string",
- "descr": "string",
- "crt": "string",
- "csr": "string",
- "caref": "string",
- "cadata": "string",
- "ends": "string",
- "inuse": "string",
- "issuer": "string",
- "prv": "string",
- "starts": "string",
- "subj": "string",
- "type": "string",
- "name": "string",
- "dn": "string",
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}, - "can_renew": true
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}| refid required | string |
| password | string pass-phrase to protect certificate |
{- "password": "string"
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}| refid required | string |
{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}| refid required | string |
| password | string pass-phrase to protect pkcs12 file |
| add_certauths | boolean add cert authorities to pkcs12 store |
| encryption | string Enum: "high" "low" "legacy" encryption level (high, low, legacy) |
{- "password": "string",
- "add_certauths": true,
- "encryption": "high"
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}| refid required | string |
| reusekey | boolean |
| reuseserial | boolean |
| strictsecurity | boolean |
{- "reusekey": true,
- "reuseserial": true,
- "strictsecurity": true
}{- "refid": "string",
- "descr": "string",
- "crt": "string",
- "csr": "string",
- "caref": "string",
- "cadata": "string",
- "ends": "string",
- "inuse": "string",
- "issuer": "string",
- "prv": "string",
- "starts": "string",
- "subj": "string",
- "type": "string",
- "name": "string",
- "dn": "string",
- "info": {
- "issuer": "string",
- "serial": "string",
- "sig_digest": "string",
- "dn": "string",
- "san": "string",
- "key_usage": "string",
- "key_type": "string",
- "key_size": 0,
- "ext_key_usage": "string",
- "hash": "string",
- "subject": "string",
- "subject_key_id": "string",
- "auth_key_id": "string",
- "valid_from": "string",
- "expires": "string",
- "raw_data": "string",
- "cert_fingerprint": "string",
- "self_signed": true,
- "private_key": "string"
}, - "can_renew": true
}Retrieve the list of subsystem configuration which are pending applying of changes
{- "dirty_subsystems": {
- "property1": {
- "name": "string",
- "descr": "string",
- "file": "string"
}, - "property2": {
- "name": "string",
- "descr": "string",
- "file": "string"
}
}, - "all_subsystems": {
- "property1": {
- "name": "string",
- "descr": "string",
- "file": "string"
}, - "property2": {
- "name": "string",
- "descr": "string",
- "file": "string"
}
}
}The configuration has pending changes that require a series of being applied. It returns the list of subsystems that are still dirty.
| apply | boolean |
{- "apply": true
}{- "dirty_subsystems": {
- "property1": {
- "name": "string",
- "descr": "string",
- "file": "string"
}, - "property2": {
- "name": "string",
- "descr": "string",
- "file": "string"
}
}, - "all_subsystems": {
- "property1": {
- "name": "string",
- "descr": "string",
- "file": "string"
}, - "property2": {
- "name": "string",
- "descr": "string",
- "file": "string"
}
}
}{- "crls": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "method": "string",
- "serial": 0,
- "lifetime": 0,
- "internal": true,
- "inuse": true,
- "is_ovpn_crl": true,
- "text": "string",
- "cert": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "type": "string",
- "cert": "string",
- "privkey": "string",
- "serial": 0,
- "reason": "string",
- "revoke_time": 0
}
], - "pkgs": {
- "property1": {
- "used_by": [
- "string"
], - "count": 0
}, - "property2": {
- "used_by": [
- "string"
], - "count": 0
}
}
}
], - "refid": "string"
}Add a new CRL with either an existing X509 input or values for creating a new one. The NewCRLReq method must contain one of:
| ca_refid | string CA reference ID |
| descr | string descriptive name |
object (CRLMethodNew) | |
object (CRLMethodX509) |
{- "ca_refid": "string",
- "descr": "string",
- "method_internal": {
- "lifetime": 0,
- "serial": 0
}, - "method_x509": {
- "crl": "string"
}
}{- "crls": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "method": "string",
- "serial": 0,
- "lifetime": 0,
- "internal": true,
- "inuse": true,
- "is_ovpn_crl": true,
- "text": "string",
- "cert": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "type": "string",
- "cert": "string",
- "privkey": "string",
- "serial": 0,
- "reason": "string",
- "revoke_time": 0
}
], - "pkgs": {
- "property1": {
- "used_by": [
- "string"
], - "count": 0
}, - "property2": {
- "used_by": [
- "string"
], - "count": 0
}
}
}
], - "refid": "string"
}{- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "method": "string",
- "serial": 0,
- "lifetime": 0,
- "internal": true,
- "inuse": true,
- "is_ovpn_crl": true,
- "text": "string",
- "cert": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "type": "string",
- "cert": "string",
- "privkey": "string",
- "serial": 0,
- "reason": "string",
- "revoke_time": 0
}
], - "pkgs": {
- "property1": {
- "used_by": [
- "string"
], - "count": 0
}, - "property2": {
- "used_by": [
- "string"
], - "count": 0
}
}
}Update CRL details, with option to add certificates to be revoked (if the CRL is an internal one). The update request must provide the complete CRL information including its description, just like creating a new CRL.
| refid required | string |
| ca_refid | string CA reference ID |
| descr | string descriptive name |
object (CRLMethodInternalUpdate) | |
object (CRLMethodX509) |
{- "ca_refid": "string",
- "descr": "string",
- "method_internal": {
- "lifetime": 0,
- "serial": 0,
- "revoke_reason": "nostatus",
- "revoke_serials": [
- 0
], - "revoke_certref": [
- "string"
]
}, - "method_x509": {
- "crl": "string"
}
}{- "crls": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "method": "string",
- "serial": 0,
- "lifetime": 0,
- "internal": true,
- "inuse": true,
- "is_ovpn_crl": true,
- "text": "string",
- "cert": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "type": "string",
- "cert": "string",
- "privkey": "string",
- "serial": 0,
- "reason": "string",
- "revoke_time": 0
}
], - "pkgs": {
- "property1": {
- "used_by": [
- "string"
], - "count": 0
}, - "property2": {
- "used_by": [
- "string"
], - "count": 0
}
}
}
], - "refid": "string"
}Deletes the CRL record from the configuration. This also results in certificates being unrevoked.
| refid required | string |
{- "crls": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "method": "string",
- "serial": 0,
- "lifetime": 0,
- "internal": true,
- "inuse": true,
- "is_ovpn_crl": true,
- "text": "string",
- "cert": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "type": "string",
- "cert": "string",
- "privkey": "string",
- "serial": 0,
- "reason": "string",
- "revoke_time": 0
}
], - "pkgs": {
- "property1": {
- "used_by": [
- "string"
], - "count": 0
}, - "property2": {
- "used_by": [
- "string"
], - "count": 0
}
}
}
], - "refid": "string"
}Unrevokes the certificate by removing it from the CRL.
| refid required | string |
| certid required | string |
{- "crls": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "method": "string",
- "serial": 0,
- "lifetime": 0,
- "internal": true,
- "inuse": true,
- "is_ovpn_crl": true,
- "text": "string",
- "cert": [
- {
- "refid": "string",
- "ca_refid": "string",
- "descr": "string",
- "type": "string",
- "cert": "string",
- "privkey": "string",
- "serial": 0,
- "reason": "string",
- "revoke_time": 0
}
], - "pkgs": {
- "property1": {
- "used_by": [
- "string"
], - "count": 0
}, - "property2": {
- "used_by": [
- "string"
], - "count": 0
}
}
}
], - "refid": "string"
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}Retrieve the system's current firmware version and determine if there is an upgradable firmware image available to install on the system.
{- "current_version": "string",
- "latest_version": "string",
- "status": "string",
- "message": "string"
}Upgrade the system's firmware to the latest available version. The system should be rebooted after upgrading.
| upgrade | boolean set to true to confirm upgrade |
{- "upgrade": true
}{- "result": "string"
}{- "defaults": {
- "defaultgw4": "string",
- "defaultgw6": "string"
}, - "gateways": [
- {
- "gateway": "string",
- "name": "string",
- "dynamic": true,
- "disabled": true,
- "ipprotocol": "string",
- "gw_down_kill_states": "string",
- "interface_device": "string",
- "interface_identity": "string",
- "interface_assigned": "string",
- "interface": "string",
- "friendlyiface": "string",
- "friendlyifdescr": "string",
- "action_disable": true,
- "attribute": "string",
- "isdefaultgw": true,
- "monitor": "string",
- "monitor_disable": true,
- "descr": "string",
- "tiername": "string",
- "weight": 0,
- "data_payload": 0,
- "interval": 0,
- "latencylow": 0,
- "latencyhigh": 0,
- "losslow": 0,
- "losshigh": 0,
- "loss_interval": 0,
- "time_period": 0,
- "alert_interval": 0,
- "nonlocalgateway": true,
- "defaults": {
- "defaultgw4": "string",
- "defaultgw6": "string"
}
}
], - "default_assignable_gw4": [
- {
- "value": "string",
- "text": "string"
}
], - "default_assignable_gw6": [
- {
- "value": "string",
- "text": "string"
}
]
}| gateway required | string |
| name | string |
| dynamic | boolean |
| disabled | boolean |
| ipprotocol | string |
| gw_down_kill_states | string |
| interface_device | string |
| interface_identity | string |
| interface_assigned | string |
| interface | string obsolete - use interface_device |
| friendlyiface | string obsolete - use interface_identity |
| friendlyifdescr | string obsolete - use interface_assigned |
| action_disable | boolean |
| attribute | string |
| isdefaultgw | boolean |
| monitor | string |
| monitor_disable | boolean |
| descr | string |
| tiername | string |
| weight | integer |
| data_payload | integer |
| interval | integer |
| latencylow | integer |
| latencyhigh | integer |
| losslow | integer |
| losshigh | integer |
| loss_interval | integer |
| time_period | integer |
| alert_interval | integer |
| nonlocalgateway | boolean |
object (GatewayDefaults) |
{- "gateway": "string",
- "name": "string",
- "dynamic": true,
- "disabled": true,
- "ipprotocol": "string",
- "gw_down_kill_states": "string",
- "interface_device": "string",
- "interface_identity": "string",
- "interface_assigned": "string",
- "interface": "string",
- "friendlyiface": "string",
- "friendlyifdescr": "string",
- "action_disable": true,
- "attribute": "string",
- "isdefaultgw": true,
- "monitor": "string",
- "monitor_disable": true,
- "descr": "string",
- "tiername": "string",
- "weight": 0,
- "data_payload": 0,
- "interval": 0,
- "latencylow": 0,
- "latencyhigh": 0,
- "losslow": 0,
- "losshigh": 0,
- "loss_interval": 0,
- "time_period": 0,
- "alert_interval": 0,
- "nonlocalgateway": true,
- "defaults": {
- "defaultgw4": "string",
- "defaultgw6": "string"
}
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "gateways": [
- {
- "name": "string",
- "gateway": "string",
- "vaddress": [
- {
- "vaddress": "string",
- "descr": "string"
}
], - "descr": "string",
- "ipprotocol": "string"
}
], - "priorities": [
- {
- "priority": "string",
- "priority_descr": "string"
}
]
}{- "groups": [
- {
- "idx": 0,
- "name": "string",
- "descr": "string",
- "gateway_priority": [
- {
- "gateway": "string",
- "priority": "string",
- "vaddress": "string"
}
], - "keep_failover_states": "string",
- "trigger": "string",
- "trigger_descr": "string",
- "keep_failover_states_descr": "string"
}
]
}| idx | integer |
| name required | string |
| descr | string |
Array of objects (GatewayGroupPriority) | |
| keep_failover_states | string |
| trigger | string |
| trigger_descr | string |
| keep_failover_states_descr | string |
{- "idx": 0,
- "name": "string",
- "descr": "string",
- "gateway_priority": [
- {
- "gateway": "string",
- "priority": "string",
- "vaddress": "string"
}
], - "keep_failover_states": "string",
- "trigger": "string",
- "trigger_descr": "string",
- "keep_failover_states_descr": "string"
}{- "groups": [
- {
- "idx": 0,
- "name": "string",
- "descr": "string",
- "gateway_priority": [
- {
- "gateway": "string",
- "priority": "string",
- "vaddress": "string"
}
], - "keep_failover_states": "string",
- "trigger": "string",
- "trigger_descr": "string",
- "keep_failover_states_descr": "string"
}
]
}{- "groups": [
- {
- "idx": 0,
- "name": "string",
- "descr": "string",
- "gateway_priority": [
- {
- "gateway": "string",
- "priority": "string",
- "vaddress": "string"
}
], - "keep_failover_states": "string",
- "trigger": "string",
- "trigger_descr": "string",
- "keep_failover_states_descr": "string"
}
]
}| id required | string |
| idx | integer |
| name required | string |
| descr | string |
Array of objects (GatewayGroupPriority) | |
| keep_failover_states | string |
| trigger | string |
| trigger_descr | string |
| keep_failover_states_descr | string |
{- "idx": 0,
- "name": "string",
- "descr": "string",
- "gateway_priority": [
- {
- "gateway": "string",
- "priority": "string",
- "vaddress": "string"
}
], - "keep_failover_states": "string",
- "trigger": "string",
- "trigger_descr": "string",
- "keep_failover_states_descr": "string"
}{- "groups": [
- {
- "idx": 0,
- "name": "string",
- "descr": "string",
- "gateway_priority": [
- {
- "gateway": "string",
- "priority": "string",
- "vaddress": "string"
}
], - "keep_failover_states": "string",
- "trigger": "string",
- "trigger_descr": "string",
- "keep_failover_states_descr": "string"
}
]
}{- "gateways": [
- {
- "name": "string",
- "gateway": "string",
- "defaultgw": true,
- "monitor": "string",
- "descr": "string",
- "delay": "string",
- "stddev": "string",
- "loss": "string",
- "status": "string",
- "display": "string"
}
], - "groups": [
- {
- "name": "string",
- "descr": "string",
- "tier1": [
- {
- "name": "string",
- "status": "string",
- "display": "string"
}
], - "tier2": [
- {
- "name": "string",
- "status": "string",
- "display": "string"
}
], - "tier3": [
- {
- "name": "string",
- "status": "string",
- "display": "string"
}
], - "tier4": [
- {
- "name": "string",
- "status": "string",
- "display": "string"
}
], - "tier5": [
- {
- "name": "string",
- "status": "string",
- "display": "string"
}
]
}
]
}| id required | string |
| gateway required | string |
| name | string |
| dynamic | boolean |
| disabled | boolean |
| ipprotocol | string |
| gw_down_kill_states | string |
| interface_device | string |
| interface_identity | string |
| interface_assigned | string |
| interface | string obsolete - use interface_device |
| friendlyiface | string obsolete - use interface_identity |
| friendlyifdescr | string obsolete - use interface_assigned |
| action_disable | boolean |
| attribute | string |
| isdefaultgw | boolean |
| monitor | string |
| monitor_disable | boolean |
| descr | string |
| tiername | string |
| weight | integer |
| data_payload | integer |
| interval | integer |
| latencylow | integer |
| latencyhigh | integer |
| losslow | integer |
| losshigh | integer |
| loss_interval | integer |
| time_period | integer |
| alert_interval | integer |
| nonlocalgateway | boolean |
object (GatewayDefaults) |
{- "gateway": "string",
- "name": "string",
- "dynamic": true,
- "disabled": true,
- "ipprotocol": "string",
- "gw_down_kill_states": "string",
- "interface_device": "string",
- "interface_identity": "string",
- "interface_assigned": "string",
- "interface": "string",
- "friendlyiface": "string",
- "friendlyifdescr": "string",
- "action_disable": true,
- "attribute": "string",
- "isdefaultgw": true,
- "monitor": "string",
- "monitor_disable": true,
- "descr": "string",
- "tiername": "string",
- "weight": 0,
- "data_payload": 0,
- "interval": 0,
- "latencylow": 0,
- "latencyhigh": 0,
- "losslow": 0,
- "losshigh": 0,
- "loss_interval": 0,
- "time_period": 0,
- "alert_interval": 0,
- "nonlocalgateway": true,
- "defaults": {
- "defaultgw4": "string",
- "defaultgw6": "string"
}
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "pfsync": {
- "enabled": true,
- "sync_assigned_intf": "string",
- "hostid": "string",
- "peer_ip": "string"
}, - "xmlrpc": {
- "sync_to_ip": "string",
- "username": "string",
- "password": "string",
- "sync_admin_acct": true,
- "sync_users": true,
- "sync_auth_servers": true,
- "sync_certs": true,
- "sync_fw_rules": true,
- "sync_fw_schedules": true,
- "sync_fw_aliases": true,
- "sync_nat": true,
- "sync_ipsec": true,
- "sync_ovpn": true,
- "sync_dhcp_server": true,
- "sync_dhcp_relay": true,
- "sync_dhcp6_server": true,
- "sync_dhcp6_relay": true,
- "sync_static_routes": true,
- "sync_wol": true,
- "sync_virtual_ips": true,
- "sync_traffic_shaper": true,
- "sync_traffic_shaper_limiters": true,
- "sync_dns": true,
- "sync_cap_portal": true
}, - "avail_sync_interfaces": [
- "string"
]
}object (HAPfsync) | |
object (HAXMLRPCSync) | |
| avail_sync_interfaces | Array of strings |
{- "pfsync": {
- "enabled": true,
- "sync_assigned_intf": "string",
- "hostid": "string",
- "peer_ip": "string"
}, - "xmlrpc": {
- "sync_to_ip": "string",
- "username": "string",
- "password": "string",
- "sync_admin_acct": true,
- "sync_users": true,
- "sync_auth_servers": true,
- "sync_certs": true,
- "sync_fw_rules": true,
- "sync_fw_schedules": true,
- "sync_fw_aliases": true,
- "sync_nat": true,
- "sync_ipsec": true,
- "sync_ovpn": true,
- "sync_dhcp_server": true,
- "sync_dhcp_relay": true,
- "sync_dhcp6_server": true,
- "sync_dhcp6_relay": true,
- "sync_static_routes": true,
- "sync_wol": true,
- "sync_virtual_ips": true,
- "sync_traffic_shaper": true,
- "sync_traffic_shaper_limiters": true,
- "sync_dns": true,
- "sync_cap_portal": true
}, - "avail_sync_interfaces": [
- "string"
]
}{- "pfsync": {
- "enabled": true,
- "sync_assigned_intf": "string",
- "hostid": "string",
- "peer_ip": "string"
}, - "xmlrpc": {
- "sync_to_ip": "string",
- "username": "string",
- "password": "string",
- "sync_admin_acct": true,
- "sync_users": true,
- "sync_auth_servers": true,
- "sync_certs": true,
- "sync_fw_rules": true,
- "sync_fw_schedules": true,
- "sync_fw_aliases": true,
- "sync_nat": true,
- "sync_ipsec": true,
- "sync_ovpn": true,
- "sync_dhcp_server": true,
- "sync_dhcp_relay": true,
- "sync_dhcp6_server": true,
- "sync_dhcp6_relay": true,
- "sync_static_routes": true,
- "sync_wol": true,
- "sync_virtual_ips": true,
- "sync_traffic_shaper": true,
- "sync_traffic_shaper_limiters": true,
- "sync_dns": true,
- "sync_cap_portal": true
}, - "avail_sync_interfaces": [
- "string"
]
}{- "setup": {
- "hostname": "string",
- "domain": "string",
- "dnsservers": [
- {
- "name": "string",
- "ip": "string",
- "gw": "string"
}
], - "dnsoveride": true,
- "dnsresolution": "string",
- "timezone": "string",
- "timeservers": "string",
- "lang": "string",
- "login_message": "string",
- "ui_req_state_filter": true
}
}{- "interfaces": [
- {
- "assigned_interface": "string",
- "internal_name": "string",
- "friendly_name": "string",
- "assigned_name": "string",
- "identity": "string",
- "device": "string",
- "enabled": true,
- "status": "string",
- "mac_address": "string",
- "mtu": 0,
- "media": "string",
- "plugged": "string",
- "vendor": "string",
- "temperature": "string",
- "voltage": "string",
- "rx": "string",
- "tx": "string",
- "channel": 0,
- "ssid": "string",
- "bssid": "string",
- "rate": "string",
- "rssi": "string",
- "in_packets": 0,
- "out_packets": 0,
- "in_bytes": 0,
- "out_bytes": 0,
- "in_packets_pass": 0,
- "out_packets_pass": 0,
- "in_bytes_pass": 0,
- "out_bytes_pass": 0,
- "in_packets_block": 0,
- "out_packets_block": 0,
- "in_bytes_block": 0,
- "out_bytes_block": 0,
- "in_errors": 0,
- "out_errors": 0,
- "collisions": 0,
- "ip_address": "string",
- "subnet_mask": "string",
- "gateway": "string",
- "ipv6_link_local": "string",
- "ipv6_address": "string",
- "ipv6_subnet_mask": "string",
- "ipv6_gateway": "string",
- "dns_servers": [
- "string"
], - "lagg_enabled": true,
- "lagg_ports": "string",
- "current_ppp_uptime": "string",
- "historical_ppp_uptime": "string",
- "cell_rssi": "string",
- "cell_mode": "string",
- "cell_simstate": "string",
- "cell_service": "string",
- "cell_bwupstream": 0,
- "cell_bwdownstream": 0,
- "cell_upstream": 0,
- "cell_downstream": 0,
- "dhcplink": "string",
- "pppoelink": "string",
- "pptplink": "string"
}
]
}| reverse | boolean |
| nentries | integer |
| logfilesize | integer |
| logcompressiontype | string none, bzip2, gzip, xz, zstd |
| format | string rfc3164, rfc5424 |
| default_log_level | string refer to options in syslog_levels |
| rotatecount | integer |
| enable_remote | boolean |
| remoteserver | string ip:port of remote server |
| remoteserver2 | string ip:port of second remote server |
| remoteserver3 | string ip:port of third remote server |
| sourceip | string source network interface for binding to |
| ipproto | string ipv4, ipv6 |
| logall | boolean remote log everything |
| filter | boolean remote log firewall events |
| dhcp | boolean remote log DHCP events |
| auth | boolean remote log authentication events |
| portalauth | boolean remtoe log captive portal events |
| vpn | boolean remote log vpn events |
| dpinger | boolean remote log gateway monitor events |
| hostapd | boolean remote log wireless events |
| system | boolean remote log system events |
| pfnet_controller | boolean remote log Nexus events |
| resolver | boolean remote log DNS events |
| ppp | boolean remote log PPP events |
| routing | boolean remote log routing daemon events |
| ntpd | boolean remote log NTP events |
| disablelocallogging | boolean disable local logging |
| rawfilter | boolean show raw filter logs |
| showfilterdescrips | string where to show firewall rule descriptions:
|
| logipoptions | boolean log blocked packets due to IP options |
| logdefaultblock | boolean log default "block" rules |
| logdefaultpass | boolean log default "pass" rules |
| logbogons | boolean log Bogon Networks block rules |
| logprivatenets | boolean log Private Networks block rules |
| loglinklocal4 | boolean log IPv4 link-local block rules |
| logids | boolean log hosts blocked by IDS |
| lognginx | boolean log web server |
| logconfigchanges | boolean log configuration changes |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "reverse": true,
- "nentries": 0,
- "logfilesize": 0,
- "logcompressiontype": "string",
- "format": "string",
- "default_log_level": "string",
- "rotatecount": 0,
- "enable_remote": true,
- "remoteserver": "string",
- "remoteserver2": "string",
- "remoteserver3": "string",
- "sourceip": "string",
- "ipproto": "string",
- "logall": true,
- "filter": true,
- "dhcp": true,
- "auth": true,
- "portalauth": true,
- "vpn": true,
- "dpinger": true,
- "hostapd": true,
- "system": true,
- "pfnet_controller": true,
- "resolver": true,
- "ppp": true,
- "routing": true,
- "ntpd": true,
- "disablelocallogging": true,
- "rawfilter": true,
- "showfilterdescrips": "string",
- "logipoptions": true,
- "logdefaultblock": true,
- "logdefaultpass": true,
- "logbogons": true,
- "logprivatenets": true,
- "loglinklocal4": true,
- "logids": true,
- "lognginx": true,
- "logconfigchanges": true,
- "source_addresses": [
- {
- "value": "string",
- "text": "string"
}
], - "syslog_levels": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "result": "string"
}{- "reverse": true,
- "nentries": 0,
- "logfilesize": 0,
- "logcompressiontype": "string",
- "format": "string",
- "default_log_level": "string",
- "rotatecount": 0,
- "enable_remote": true,
- "remoteserver": "string",
- "remoteserver2": "string",
- "remoteserver3": "string",
- "sourceip": "string",
- "ipproto": "string",
- "logall": true,
- "filter": true,
- "dhcp": true,
- "auth": true,
- "portalauth": true,
- "vpn": true,
- "dpinger": true,
- "hostapd": true,
- "system": true,
- "pfnet_controller": true,
- "resolver": true,
- "ppp": true,
- "routing": true,
- "ntpd": true,
- "disablelocallogging": true,
- "rawfilter": true,
- "showfilterdescrips": "string",
- "logipoptions": true,
- "logdefaultblock": true,
- "logdefaultpass": true,
- "logbogons": true,
- "logprivatenets": true,
- "loglinklocal4": true,
- "logids": true,
- "lognginx": true,
- "logconfigchanges": true,
- "source_addresses": [
- {
- "value": "string",
- "text": "string"
}
], - "syslog_levels": [
- {
- "value": "string",
- "text": "string"
}
]
}Regular log files are returned as a list of records in StdLogs.Logs. For firewall logs (filename being "filter" or "firewall"), the log records are returned in StdLogs.filter_logs. If the query string "summary=true" is provided, then the firewall log summary is returned in StdLogs.filter_summary with dictionaries of each category with its tallied values.
| filename required | string |
| start | string |
| end | string |
| summary | boolean |
{- "logfile": "string",
- "logs": [
- {
- "time": "string",
- "proc": "string",
- "pid": "string",
- "msg": "string"
}
], - "filter_logs": [
- {
- "time_usec": 0,
- "time": "string",
- "rulenum": 0,
- "subrulenum": 0,
- "anchor": "string",
- "rule_descr": "string",
- "tracker": "string",
- "interface_assigned": "string",
- "interface_device": "string",
- "reason": "string",
- "action": "string",
- "direction": "string",
- "version": 0,
- "proto_id": 0,
- "proto": "string",
- "v4info": {
- "tos": "string",
- "ecn": "string",
- "ttl": "string",
- "id": "string",
- "offset": "string",
- "flags": "string"
}, - "v6info": {
- "class": "string",
- "flow_label": "string",
- "hlim": "string"
}, - "length": 0,
- "src": "string",
- "dst": "string",
- "src_ip": "string",
- "dst_ip": "string",
- "src_port": 0,
- "dst_port": 0,
- "tcp_info": {
- "tcp_flags": "string",
- "seq": "string",
- "ack": 0,
- "window": 0,
- "urg": 0,
- "options": "string"
}, - "icmp_info": {
- "icmp_type": "string",
- "icmp_id": 0,
- "icmp_seq": 0,
- "icmp_dstip": "string",
- "icmp_proto_id": 0,
- "icmp_port": 0,
- "icmp_descr": "string",
- "icmp_mtu": 0,
- "icmp_otime": "string",
- "icmp_rtime": "string",
- "icmp_ttime": "string"
}, - "carp_info": {
- "type": "string",
- "ttl": 0,
- "vhid": 0,
- "version": 0,
- "adv_skew": 0,
- "adv_base": 0
}
}
], - "filter_rules": {
- "property1": [
- "string"
], - "property2": [
- "string"
]
}, - "filter_summary": {
- "total_records": 0,
- "actions": {
- "property1": 0,
- "property2": 0
}, - "interfaces": {
- "property1": 0,
- "property2": 0
}, - "protocols": {
- "property1": 0,
- "property2": 0
}, - "src_ips": {
- "property1": 0,
- "property2": 0
}, - "dest_ips": {
- "property1": 0,
- "property2": 0
}, - "src_ports": {
- "property1": 0,
- "property2": 0
}, - "dest_ports": {
- "property1": 0,
- "property2": 0
}, - "tracker_hits": {
- "property1": 0,
- "property2": 0
}
}, - "alerts": {
- "result": "string"
}
}| filename required | string |
| cronorder | string reverse, forward, or empty for default |
| nentries | integer |
| logfilesize | integer |
| rotatecount | integer |
| format | string formatted, raw |
| lognginx | boolean |
| logipoptions | boolean log blocked packets due to IP options |
| logdefaultblock | boolean log default "block" rules |
| logdefaultpass | boolean log default "pass" rules |
| logbogons | boolean log Bogon Networks block rules |
| logprivatenets | boolean log Private Networks block rules |
| loglinklocal4 | boolean log IPv4 link-local block rules |
| logids | boolean log hosts blocked by IDS |
| showfilterdescrips | string where to show firewall rule descriptions:
|
{- "cronorder": "string",
- "nentries": 0,
- "logfilesize": 0,
- "rotatecount": 0,
- "format": "string",
- "lognginx": true,
- "logipoptions": true,
- "logdefaultblock": true,
- "logdefaultpass": true,
- "logbogons": true,
- "logprivatenets": true,
- "loglinklocal4": true,
- "logids": true,
- "showfilterdescrips": "string"
}{- "result": "string"
}| filename required | string |
{- "cronorder": "string",
- "nentries": 0,
- "logfilesize": 0,
- "rotatecount": 0,
- "format": "string",
- "lognginx": true,
- "logipoptions": true,
- "logdefaultblock": true,
- "logdefaultpass": true,
- "logbogons": true,
- "logprivatenets": true,
- "loglinklocal4": true,
- "logids": true,
- "showfilterdescrips": "string"
}| scope | string |
| dataset | string |
| start_time_unix_seconds | integer |
| end_time_unix_seconds | integer |
| resolution_seconds | integer |
{- "scope": "string",
- "dataset": "string",
- "start_time_unix_seconds": 0,
- "end_time_unix_seconds": 0,
- "resolution_seconds": 0
}{- "request": {
- "scope": "string",
- "dataset": "string",
- "start_time_unix_seconds": 0,
- "end_time_unix_seconds": 0,
- "resolution_seconds": 0
}, - "dataseries": [
- "string"
], - "data_format": "string",
- "data": [
- "string"
]
}{- "packages": [
- {
- "name": "string",
- "internal_name": "string",
- "info_link": "string",
- "descr": "string",
- "version": "string",
- "installed_version": "string",
- "available_version": "string",
- "update_available": true,
- "config_file": "string",
- "include_file": "string",
- "category": "string",
- "dependencies": [
- {
- "name": "string",
- "version": "string",
- "origin": "string",
- "url": "string"
}
]
}
]
}Install specified list of packages. If chunked=true, then the progress of the installation is returned as chunks.
| chunked | boolean |
Array of objects (InstallPackageOpt) |
{- "packages": [
- {
- "name": "string",
- "version": "string"
}
]
}{- "transaction": "string",
- "progress": [
- {
- "name": "string",
- "version": "string",
- "messages": [
- "string"
], - "percent": 0,
- "error": "string",
- "action": "string"
}
]
}{- "packages": [
- {
- "name": "string",
- "internal_name": "string",
- "info_link": "string",
- "descr": "string",
- "version": "string",
- "installed_version": "string",
- "available_version": "string",
- "update_available": true,
- "config_file": "string",
- "include_file": "string",
- "category": "string",
- "dependencies": [
- {
- "name": "string",
- "version": "string",
- "origin": "string",
- "url": "string"
}
]
}
]
}| name required | string |
{- "transaction": "string",
- "progress": [
- {
- "name": "string",
- "version": "string",
- "messages": [
- "string"
], - "percent": 0,
- "error": "string",
- "action": "string"
}
]
}| chunked | boolean |
{- "transaction": "string",
- "progress": [
- {
- "name": "string",
- "version": "string",
- "messages": [
- "string"
], - "percent": 0,
- "error": "string",
- "action": "string"
}
]
}Reinstall specified list of packages. If chunked=true, then the progress of the reinstallation is returned as chunks.
| chunked | boolean |
Array of objects (InstallPackageOpt) |
{- "packages": [
- {
- "name": "string",
- "version": "string"
}
]
}{- "transaction": "string",
- "progress": [
- {
- "name": "string",
- "version": "string",
- "messages": [
- "string"
], - "percent": 0,
- "error": "string",
- "action": "string"
}
]
}{- "name": "string",
- "interface": "string",
- "shapertype": "string",
- "contains": [
- "string"
], - "pkts": "string",
- "bytes": "string",
- "droppedpkts": "string",
- "droppedbytes": "string",
- "qlengthitems": "string",
- "qlengthsize": "string",
- "borrows": "string",
- "suspends": "string"
}| apply | boolean |
{- "apply": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| network required | string |
| gateway required | string |
| descr | string |
| disabled | boolean |
| interface | string |
| network_encoded | string base64 encoded network; read-only |
| gateway_encoded | string base64 encoded gateway; read-only |
{- "network": "string",
- "gateway": "string",
- "descr": "string",
- "disabled": true,
- "interface": "string",
- "network_encoded": "string",
- "gateway_encoded": "string"
}{- "routes": [
- {
- "network": "string",
- "gateway": "string",
- "descr": "string",
- "disabled": true,
- "interface": "string",
- "network_encoded": "string",
- "gateway_encoded": "string"
}
]
}The network address must be URL-safe, base64 encoded.
| network required | string |
{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}The network address and gateway name must be URL-safe, base64 encoded.
| network required | string |
| gateway required | string |
{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "country": {
- "code": "string",
- "provider": [
- {
- "name": "string",
- "plans": [
- {
- "name": "string",
- "apn": "string",
- "username": "string",
- "password": "string",
- "number": "string"
}
]
}
]
}
}{- "hostname": "string",
- "domain": "string",
- "dnsservers": [
- {
- "name": "string",
- "ip": "string",
- "gw": "string"
}
], - "dnsoveride": true,
- "dnsresolution": "string",
- "timezone": "string",
- "timeservers": "string",
- "lang": "string",
- "login_message": "string",
- "ui_req_state_filter": true
}| hostname required | string |
| domain | string |
Array of objects (SetupDNSSetting) | |
| dnsoveride | boolean |
| dnsresolution | string DNS resolution behavior, options - not-specified (default), local, remote |
| timezone | string |
| timeservers | string space separated list of time servers |
| lang | string |
| login_message | string message to display when user authenticates |
| ui_req_state_filter | boolean require state filter in diagnostics-states |
{- "hostname": "string",
- "domain": "string",
- "dnsservers": [
- {
- "name": "string",
- "ip": "string",
- "gw": "string"
}
], - "dnsoveride": true,
- "dnsresolution": "string",
- "timezone": "string",
- "timeservers": "string",
- "lang": "string",
- "login_message": "string",
- "ui_req_state_filter": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "setup": {
- "hostname": "string",
- "domain": "string",
- "pridns": "string",
- "secdns": "string",
- "dnsoverride": true,
- "tz": "string",
- "timeservers": "string",
- "wantype": "string",
- "wanip": "string",
- "gw": "string",
- "spoofmac": "string",
- "mtu": "string",
- "mss": "string",
- "dhcphost": "string",
- "lanip": "string",
- "bogons": true,
- "rfc1918": true,
- "pppoe": {
- "service_name": "string",
- "username": "string",
- "password": "string",
- "dod": true,
- "idletimeout": "string",
- "provider": "string",
- "localip": "string"
}
}
}object (SetupWizardOptions) |
{- "setup": {
- "hostname": "string",
- "domain": "string",
- "pridns": "string",
- "secdns": "string",
- "dnsoverride": true,
- "tz": "string",
- "timeservers": "string",
- "wantype": "string",
- "wanip": "string",
- "gw": "string",
- "spoofmac": "string",
- "mtu": "string",
- "mss": "string",
- "dhcphost": "string",
- "lanip": "string",
- "bogons": true,
- "rfc1918": true,
- "pppoe": {
- "service_name": "string",
- "username": "string",
- "password": "string",
- "dod": true,
- "idletimeout": "string",
- "provider": "string",
- "localip": "string"
}
}
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "status": {
- "prod": "string",
- "host": "string",
- "osver": "string",
- "os": "string",
- "machine": "string",
- "arch": "string",
- "vndr": "string",
- "cores": 0,
- "cpu": "string",
- "up": "string",
- "rev": "string",
- "ram": 0,
- "fram": 0,
- "swap": 0,
- "fswap": 0,
- "timestamp": "string",
- "apiver": "string",
- "vpn_addr": "string",
- "ndi": "string",
- "license": "string",
- "alerts": "string",
- "net_interfaces": [
- {
- "assigned_name": "string",
- "identity": "string",
- "device": "string",
- "state": "string",
- "addresses": [
- "string"
]
}
], - "nexus_controllers": [
- {
- "addresses": [
- "string"
], - "public_key": "string",
- "vpn_pubkey": "string",
- "vpn_addr": "string",
- "mim_addr": "string"
}
]
}, - "timestamp": 0,
- "packages": [
- {
- "name": "string",
- "version": "string",
- "descr": "string",
- "enabled": true
}
], - "dirty": {
- "dirty_subsystems": {
- "property1": {
- "name": "string",
- "descr": "string",
- "file": "string"
}, - "property2": {
- "name": "string",
- "descr": "string",
- "file": "string"
}
}, - "all_subsystems": {
- "property1": {
- "name": "string",
- "descr": "string",
- "file": "string"
}, - "property2": {
- "name": "string",
- "descr": "string",
- "file": "string"
}
}
}, - "ui_features": {
- "property1": true,
- "property2": true
}, - "alerts": "string"
}{- "firmware_branch": "string",
- "firmware_branches": [
- {
- "name": "string",
- "descr": "string"
}
], - "messages": [
- "string"
], - "boot_env": "string",
- "curr_base_system": "string",
- "latest_base_system": "string",
- "status_message": "string",
- "update_messages": [
- "string"
]
}{- "firmware_branch": "string"
}{- "messages": [
- "string"
], - "completed": 0,
- "started_timestamp": 0,
- "ended_timestamp": 0,
- "started_time": "string",
- "ended_time": "string"
}{- "firmware_branch": "string",
- "firmware_branches": [
- {
- "name": "string",
- "descr": "string"
}
], - "disable_check": true,
- "boot_envs": {
- "deferred_boot": true,
- "verify": true,
- "verify_timeout": 0
}, - "git_sync": {
- "sync_on_upgrade": true,
- "repo_url": "string",
- "branches": [
- "string"
], - "minimal": true,
- "diff": true,
- "show_files": true,
- "show_command": true,
- "dry_run": true
}
}| firmware_branch | string |
| disable_check | boolean |
object (SystemUpdateBootEnvsSettings) |
{- "firmware_branch": "string",
- "disable_check": true,
- "boot_envs": {
- "deferred_boot": true,
- "verify": true,
- "verify_timeout": 0
}
}{- "firmware_branch": "string",
- "firmware_branches": [
- {
- "name": "string",
- "descr": "string"
}
], - "disable_check": true,
- "boot_envs": {
- "deferred_boot": true,
- "verify": true,
- "verify_timeout": 0
}, - "git_sync": {
- "sync_on_upgrade": true,
- "repo_url": "string",
- "branches": [
- "string"
], - "minimal": true,
- "diff": true,
- "show_files": true,
- "show_command": true,
- "dry_run": true
}
}{- "users": [
- {
- "username": "string",
- "name": "string",
- "descr": "string",
- "scope": "string",
- "groupname": "string",
- "groups": [
- "string"
], - "disabled": true,
- "uid": 0,
- "full_name": "string",
- "cert_refids": [
- "string"
], - "authorized_keys": "string",
- "privs": [
- "string"
], - "keep_cmd_history": true,
- "expiration": 0,
- "ipsec_psk": "string",
- "custom_settings": true,
- "interfaces_sort": true,
- "webguicss": "string",
- "webguifixedmenu": "string",
- "webguihostnamemenu": "string",
- "dashboardcolumns": 0,
- "dashboardavailablewidgetspanel": true,
- "systemlogsfilterpanel": true,
- "systemlogsmanagelogpanel": true,
- "statusmonitoringsettingspanel": true,
- "webguileftcolumnhyper": true,
- "disablealiaspopupdetail": true,
- "pagenamefirst": true
}
], - "groups": [
- {
- "name": "string",
- "description": "string",
- "scope": "string",
- "gid": 0,
- "members": [
- 0
], - "privs": [
- "string"
]
}
]
}{- "active_type": "string",
- "active_name": "string",
- "ldap": [
- {
- "type": "string",
- "name": "string",
- "host": "string",
- "version": 0,
- "port": 0,
- "transport": "string",
- "timeout": 0,
- "search_scope": "string",
- "base_dn": "string",
- "auth_containers": "string",
- "extended_query": "string",
- "extended_enabled": true,
- "bind_user_dn": "string",
- "bind_password": "string",
- "user_naming_attrib": "string",
- "group_naming_attrib": "string",
- "group_member_attrib": "string",
- "rfc2307": true,
- "rfc2307_group_class": "string",
- "rfc2307_use_userdn": true,
- "rfc2307_group_use_basedn": true,
- "shell_group_dn": "string",
- "username_alterations": true,
- "utf8_encode": true,
- "unauthenticated_bind": true,
- "no_strip_at": true,
- "caref": "string",
- "certref": "string",
- "refid": "string",
- "nexus_group_prefix": "string"
}
], - "radius": [
- {
- "type": "string",
- "name": "string",
- "host": "string",
- "protocol": "string",
- "nasip_attribute": "string",
- "secret": "string",
- "timeout": 0,
- "auth_port": 0,
- "acct_port": 0,
- "refid": "string"
}
], - "saml": [
- {
- "type": "string",
- "name": "string",
- "enable": true,
- "entity_id": "string",
- "acs_url": "string",
- "metadata_url": "string",
- "idp_entity_id": "string",
- "idp_sso_url": "string",
- "idp_cert_pem": "string",
- "sp_cert_pem": "string",
- "sp_key_pem": "string",
- "sign_requests": true,
- "user_attr": "string",
- "group_attr": "string",
- "session_timeout": 0,
- "group_map": {
- "property1": "string",
- "property2": "string"
}
}
], - "local": {
- "name": "string",
- "type": "string",
- "host": "string"
}, - "radius_nas_list": [
- {
- "value": "string",
- "text": "string"
}
]
}object (LdapAuthServer) | |
object (RadiusAuthServer) | |
object (SamlServer) |
{- "ldap": {
- "type": "string",
- "name": "string",
- "host": "string",
- "version": 0,
- "port": 0,
- "transport": "string",
- "timeout": 0,
- "search_scope": "string",
- "base_dn": "string",
- "auth_containers": "string",
- "extended_query": "string",
- "extended_enabled": true,
- "bind_user_dn": "string",
- "bind_password": "string",
- "user_naming_attrib": "string",
- "group_naming_attrib": "string",
- "group_member_attrib": "string",
- "rfc2307": true,
- "rfc2307_group_class": "string",
- "rfc2307_use_userdn": true,
- "rfc2307_group_use_basedn": true,
- "shell_group_dn": "string",
- "username_alterations": true,
- "utf8_encode": true,
- "unauthenticated_bind": true,
- "no_strip_at": true,
- "caref": "string",
- "certref": "string",
- "refid": "string",
- "nexus_group_prefix": "string"
}, - "radius": {
- "type": "string",
- "name": "string",
- "host": "string",
- "protocol": "string",
- "nasip_attribute": "string",
- "secret": "string",
- "timeout": 0,
- "auth_port": 0,
- "acct_port": 0,
- "refid": "string"
}, - "saml": {
- "type": "string",
- "name": "string",
- "enable": true,
- "entity_id": "string",
- "acs_url": "string",
- "metadata_url": "string",
- "idp_entity_id": "string",
- "idp_sso_url": "string",
- "idp_cert_pem": "string",
- "sp_cert_pem": "string",
- "sp_key_pem": "string",
- "sign_requests": true,
- "user_attr": "string",
- "group_attr": "string",
- "session_timeout": 0,
- "group_map": {
- "property1": "string",
- "property2": "string"
}
}
}{- "active_type": "string",
- "active_name": "string",
- "ldap": [
- {
- "type": "string",
- "name": "string",
- "host": "string",
- "version": 0,
- "port": 0,
- "transport": "string",
- "timeout": 0,
- "search_scope": "string",
- "base_dn": "string",
- "auth_containers": "string",
- "extended_query": "string",
- "extended_enabled": true,
- "bind_user_dn": "string",
- "bind_password": "string",
- "user_naming_attrib": "string",
- "group_naming_attrib": "string",
- "group_member_attrib": "string",
- "rfc2307": true,
- "rfc2307_group_class": "string",
- "rfc2307_use_userdn": true,
- "rfc2307_group_use_basedn": true,
- "shell_group_dn": "string",
- "username_alterations": true,
- "utf8_encode": true,
- "unauthenticated_bind": true,
- "no_strip_at": true,
- "caref": "string",
- "certref": "string",
- "refid": "string",
- "nexus_group_prefix": "string"
}
], - "radius": [
- {
- "type": "string",
- "name": "string",
- "host": "string",
- "protocol": "string",
- "nasip_attribute": "string",
- "secret": "string",
- "timeout": 0,
- "auth_port": 0,
- "acct_port": 0,
- "refid": "string"
}
], - "saml": [
- {
- "type": "string",
- "name": "string",
- "enable": true,
- "entity_id": "string",
- "acs_url": "string",
- "metadata_url": "string",
- "idp_entity_id": "string",
- "idp_sso_url": "string",
- "idp_cert_pem": "string",
- "sp_cert_pem": "string",
- "sp_key_pem": "string",
- "sign_requests": true,
- "user_attr": "string",
- "group_attr": "string",
- "session_timeout": 0,
- "group_map": {
- "property1": "string",
- "property2": "string"
}
}
], - "local": {
- "name": "string",
- "type": "string",
- "host": "string"
}, - "radius_nas_list": [
- {
- "value": "string",
- "text": "string"
}
]
}| name required | string |
object (LdapAuthServer) | |
object (RadiusAuthServer) | |
object (SamlServer) |
{- "ldap": {
- "type": "string",
- "name": "string",
- "host": "string",
- "version": 0,
- "port": 0,
- "transport": "string",
- "timeout": 0,
- "search_scope": "string",
- "base_dn": "string",
- "auth_containers": "string",
- "extended_query": "string",
- "extended_enabled": true,
- "bind_user_dn": "string",
- "bind_password": "string",
- "user_naming_attrib": "string",
- "group_naming_attrib": "string",
- "group_member_attrib": "string",
- "rfc2307": true,
- "rfc2307_group_class": "string",
- "rfc2307_use_userdn": true,
- "rfc2307_group_use_basedn": true,
- "shell_group_dn": "string",
- "username_alterations": true,
- "utf8_encode": true,
- "unauthenticated_bind": true,
- "no_strip_at": true,
- "caref": "string",
- "certref": "string",
- "refid": "string",
- "nexus_group_prefix": "string"
}, - "radius": {
- "type": "string",
- "name": "string",
- "host": "string",
- "protocol": "string",
- "nasip_attribute": "string",
- "secret": "string",
- "timeout": 0,
- "auth_port": 0,
- "acct_port": 0,
- "refid": "string"
}, - "saml": {
- "type": "string",
- "name": "string",
- "enable": true,
- "entity_id": "string",
- "acs_url": "string",
- "metadata_url": "string",
- "idp_entity_id": "string",
- "idp_sso_url": "string",
- "idp_cert_pem": "string",
- "sp_cert_pem": "string",
- "sp_key_pem": "string",
- "sign_requests": true,
- "user_attr": "string",
- "group_attr": "string",
- "session_timeout": 0,
- "group_map": {
- "property1": "string",
- "property2": "string"
}
}
}{- "active_type": "string",
- "active_name": "string",
- "ldap": [
- {
- "type": "string",
- "name": "string",
- "host": "string",
- "version": 0,
- "port": 0,
- "transport": "string",
- "timeout": 0,
- "search_scope": "string",
- "base_dn": "string",
- "auth_containers": "string",
- "extended_query": "string",
- "extended_enabled": true,
- "bind_user_dn": "string",
- "bind_password": "string",
- "user_naming_attrib": "string",
- "group_naming_attrib": "string",
- "group_member_attrib": "string",
- "rfc2307": true,
- "rfc2307_group_class": "string",
- "rfc2307_use_userdn": true,
- "rfc2307_group_use_basedn": true,
- "shell_group_dn": "string",
- "username_alterations": true,
- "utf8_encode": true,
- "unauthenticated_bind": true,
- "no_strip_at": true,
- "caref": "string",
- "certref": "string",
- "refid": "string",
- "nexus_group_prefix": "string"
}
], - "radius": [
- {
- "type": "string",
- "name": "string",
- "host": "string",
- "protocol": "string",
- "nasip_attribute": "string",
- "secret": "string",
- "timeout": 0,
- "auth_port": 0,
- "acct_port": 0,
- "refid": "string"
}
], - "saml": [
- {
- "type": "string",
- "name": "string",
- "enable": true,
- "entity_id": "string",
- "acs_url": "string",
- "metadata_url": "string",
- "idp_entity_id": "string",
- "idp_sso_url": "string",
- "idp_cert_pem": "string",
- "sp_cert_pem": "string",
- "sp_key_pem": "string",
- "sign_requests": true,
- "user_attr": "string",
- "group_attr": "string",
- "session_timeout": 0,
- "group_map": {
- "property1": "string",
- "property2": "string"
}
}
], - "local": {
- "name": "string",
- "type": "string",
- "host": "string"
}, - "radius_nas_list": [
- {
- "value": "string",
- "text": "string"
}
]
}| name required | string |
| description | string |
| scope required | string |
| gid | integer |
| members | Array of integers |
| privs | Array of strings |
{- "name": "string",
- "description": "string",
- "scope": "string",
- "gid": 0,
- "members": [
- 0
], - "privs": [
- "string"
]
}{- "groups": [
- {
- "name": "string",
- "description": "string",
- "scope": "string",
- "gid": 0,
- "members": [
- 0
], - "privs": [
- "string"
]
}
], - "errmsg": "string"
}| groupname required | string |
| description | string |
| scope | string local or remote (if non-system) |
| gid | integer |
| members | Array of integers |
| remove_members | Array of integers |
| privs | Array of strings |
{- "description": "string",
- "scope": "string",
- "gid": 0,
- "members": [
- 0
], - "remove_members": [
- 0
], - "privs": [
- "string"
]
}{- "groups": [
- {
- "name": "string",
- "description": "string",
- "scope": "string",
- "gid": 0,
- "members": [
- 0
], - "privs": [
- "string"
]
}
], - "errmsg": "string"
}In pfSense, the user privileges are applied to the user's login to the legacy user interface. When pfSense acts as a Multi-instance Management Controller, MIM privileges are defined by the group's name.
When the Controller runs as a separate entity, group privileges are used as roles in Multi-instance management and define the entitlements of the user belonging to the group. Apart from the superuser (or admin) role, all roles can be made granular with read, modify and delete attributes. A role without these attributes is considered to be granted them all.
{- "privs": [
- {
- "value": "string",
- "text": "string",
- "descr": "string",
- "warn": "string"
}
]
}| authentication_server required | string |
| save_and_test | boolean |
| session_timeout | string session timeout in minutes, empty string is default 240 |
| password_hash | string |
| shell_auth | boolean |
| auth_refresh_time | string duration to cache authentication results from remote auth servers in seconds, empty string is default 30, max 3600 |
{- "authentication_server": "string",
- "save_and_test": true,
- "session_timeout": "string",
- "password_hash": "string",
- "shell_auth": true,
- "auth_refresh_time": "string"
}{- "session_timeout": "string",
- "authentication_server": "string",
- "authentication_servers": [
- "string"
], - "password_hash": "string",
- "password_hashes": [
- "string"
], - "shell_auth": true,
- "auth_refresh_time": "string"
}{- "users": [
- {
- "username": "string",
- "name": "string",
- "descr": "string",
- "scope": "string",
- "groupname": "string",
- "groups": [
- "string"
], - "disabled": true,
- "uid": 0,
- "full_name": "string",
- "cert_refids": [
- "string"
], - "authorized_keys": "string",
- "privs": [
- "string"
], - "keep_cmd_history": true,
- "expiration": 0,
- "ipsec_psk": "string",
- "custom_settings": true,
- "interfaces_sort": true,
- "webguicss": "string",
- "webguifixedmenu": "string",
- "webguihostnamemenu": "string",
- "dashboardcolumns": 0,
- "dashboardavailablewidgetspanel": true,
- "systemlogsfilterpanel": true,
- "systemlogsmanagelogpanel": true,
- "statusmonitoringsettingspanel": true,
- "webguileftcolumnhyper": true,
- "disablealiaspopupdetail": true,
- "pagenamefirst": true
}
]
}| username required | string |
| uid | integer |
| password | string |
| full_name | string |
| groups | Array of strings |
| cert_refids | Array of strings |
| authorized_keys | string <byte> |
| privs | Array of strings |
| scope | string |
| keep_cmd_history | boolean |
| expiration | integer |
| disabled | boolean |
| ipsec_psk | string <byte> |
{- "username": "string",
- "uid": 0,
- "password": "string",
- "full_name": "string",
- "groups": [
- "string"
], - "cert_refids": [
- "string"
], - "authorized_keys": "string",
- "privs": [
- "string"
], - "scope": "string",
- "keep_cmd_history": true,
- "expiration": 0,
- "disabled": true,
- "ipsec_psk": "string"
}{- "users": [
- {
- "username": "string",
- "name": "string",
- "descr": "string",
- "scope": "string",
- "groupname": "string",
- "groups": [
- "string"
], - "disabled": true,
- "uid": 0,
- "full_name": "string",
- "cert_refids": [
- "string"
], - "authorized_keys": "string",
- "privs": [
- "string"
], - "keep_cmd_history": true,
- "expiration": 0,
- "ipsec_psk": "string",
- "custom_settings": true,
- "interfaces_sort": true,
- "webguicss": "string",
- "webguifixedmenu": "string",
- "webguihostnamemenu": "string",
- "dashboardcolumns": 0,
- "dashboardavailablewidgetspanel": true,
- "systemlogsfilterpanel": true,
- "systemlogsmanagelogpanel": true,
- "statusmonitoringsettingspanel": true,
- "webguileftcolumnhyper": true,
- "disablealiaspopupdetail": true,
- "pagenamefirst": true
}
]
}| username required | string |
| password | string |
| full_name | string |
| groups | Array of strings |
| cert_refids | Array of strings |
| authorized_keys | string |
| ipsec_psk | string <byte> |
| privs | Array of strings |
| keep_cmd_history | boolean |
| expiration | integer |
| disabled | boolean |
{- "password": "string",
- "full_name": "string",
- "groups": [
- "string"
], - "cert_refids": [
- "string"
], - "authorized_keys": "string",
- "ipsec_psk": "string",
- "privs": [
- "string"
], - "keep_cmd_history": true,
- "expiration": 0,
- "disabled": true
}{- "users": [
- {
- "username": "string",
- "name": "string",
- "descr": "string",
- "scope": "string",
- "groupname": "string",
- "groups": [
- "string"
], - "disabled": true,
- "uid": 0,
- "full_name": "string",
- "cert_refids": [
- "string"
], - "authorized_keys": "string",
- "privs": [
- "string"
], - "keep_cmd_history": true,
- "expiration": 0,
- "ipsec_psk": "string",
- "custom_settings": true,
- "interfaces_sort": true,
- "webguicss": "string",
- "webguifixedmenu": "string",
- "webguihostnamemenu": "string",
- "dashboardcolumns": 0,
- "dashboardavailablewidgetspanel": true,
- "systemlogsfilterpanel": true,
- "systemlogsmanagelogpanel": true,
- "statusmonitoringsettingspanel": true,
- "webguileftcolumnhyper": true,
- "disablealiaspopupdetail": true,
- "pagenamefirst": true
}
]
}{- "interfaces": {
- "property1": {
- "packets_in": 0,
- "packets_out": 0,
- "bytes_in": 0,
- "bytes_out": 0,
- "errors_in": 0,
- "errors_out": 0,
- "collisions": 0
}, - "property2": {
- "packets_in": 0,
- "packets_out": 0,
- "bytes_in": 0,
- "bytes_out": 0,
- "errors_in": 0,
- "errors_out": 0,
- "collisions": 0
}
}
}{- "phase1s_active": 0,
- "phase1s_total": 0,
- "phase2s_active": 0,
- "phase2s_total": 0,
- "total_active": 0,
- "total_inactive": 0,
- "mobile_users": 0,
- "mobile_active": 0,
- "mobile_total": 0,
- "tunnels": [
- {
- "source": "string",
- "destination": "string",
- "description": "string",
- "status": "string"
}
], - "mobile": [
- {
- "user": "string",
- "ip": "string",
- "status": "string"
}
]
}| maxvalues | integer maximum number of values to return for each alias, default 5 |
{- "aliases": [
- {
- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "system_aliases": [
- {
- "name": "string",
- "type": "string",
- "descr": "string",
- "address": "string",
- "url": "string",
- "table": "string",
- "if_ident": "string",
- "if_assigned_name": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
]
}| tags | string |
| name required | string |
| address | string space separated list of addresses |
Array of objects (FWTarget) | |
| descr | string |
| type | string Enum: "host" "network" "url" "urltable" "urltable_ports" "port" "url_ports" host, network, url, urltable, urltable_ports, port, or url_ports |
| detail | string |
| updatefreq | string |
| truncated | boolean |
| display_values | Array of strings |
{- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}| id required | string |
| tags | string |
| name required | string |
| address | string space separated list of addresses |
Array of objects (FWTarget) | |
| descr | string |
| type | string Enum: "host" "network" "url" "urltable" "urltable_ports" "port" "url_ports" host, network, url, urltable, urltable_ports, port, or url_ports |
| detail | string |
| updatefreq | string |
| truncated | boolean |
| display_values | Array of strings |
{- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "interfaces": [
- {
- "name": "string",
- "identity": "string",
- "assigned": "string",
- "if": "string",
- "descr": "string",
- "ipaddr": "string",
- "ipaddrv6": "string",
- "mac": "string",
- "tag": 0,
- "member": "string",
- "addresses": [
- "string"
], - "enable": true
}
]
}Array of objects (InterfaceSimple) |
{- "interfaces": [
- {
- "name": "string",
- "identity": "string",
- "assigned": "string",
- "if": "string",
- "descr": "string",
- "ipaddr": "string",
- "ipaddrv6": "string",
- "mac": "string",
- "tag": 0,
- "member": "string",
- "addresses": [
- "string"
], - "enable": true
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name | string alias to assigned name |
| if | string alias to device_name |
| assigned_name | string user assigned name, e.g. MYLAN |
| device_name | string host device name, e.g. ix1 |
| identity | string unique identity of device, e.g. opt1 |
| enable | boolean |
| blockbogons | boolean |
| pseudo | boolean |
| blockpriv | boolean |
| slaacusev4iface | boolean |
| descr | string |
| type | string |
| type6 | string |
| mtu | integer |
| mss | integer |
| pcp | integer |
| promisc | boolean |
| ipaddr | string |
| member | string |
| media | string |
| mac | string |
| mediaopt | string |
| spoofmac | string |
| tag | integer |
| gateway | string |
| ipaddrv6 | string |
| ipv6usev4iface | boolean |
| gatewayv6 | string |
| alias_address | string |
| dhcphostname | string |
| dhcprejectfrom | string |
| dhcprejectfromarray | Array of strings |
| dhcpvlanenable | boolean |
| dhcp6usev4iface | boolean |
| dhcp6prefixonly | boolean |
| dhcp6_ia_pd_send_hint | boolean |
| dhcp6debug | boolean |
| dhcp6withoutra | boolean |
| dhcp6norelease | boolean |
| dhcpcvpt | string |
| dhcp6cvpt | string |
| prefix_6rd | string |
| gateway_6rd | string |
| dhcp6_ia_pd_len | string |
| prefix_6rd_v4plen | string |
| track6_interface | string |
| track6_prefix_id | string |
| adv_dhcp_config_advanced | boolean |
| adv_dhcp_config_file_override | boolean |
| adv_dhcp_pt_timeout | string |
| adv_dhcp_pt_retry | string |
| adv_dhcp_pt_select_timeout | string |
| adv_dhcp_pt_reboot | string |
| adv_dhcp_pt_backoff_cutoff | string |
| adv_dhcp_pt_initial_interval | string |
| adv_dhcp_pt_values | string |
| adv_dhcp_config_file_override_path | string |
| adv_dhcp_send_options | string |
| adv_dhcp_request_options | string |
| adv_dhcp_required_options | string |
| adv_dhcp_option_modifiers | string |
| adv_dhcp6_config_advanced | boolean |
| adv_dhcp6_config_file_override | boolean |
| adv_dhcp6_prefix_selected_interface | string |
| adv_dhcp6_config_file_override_path | string |
| adv_dhcp6_interface_statement_information_only_enable | boolean |
| adv_dhcp6_interface_statement_send_options | string |
| adv_dhcp6_interface_statement_request_options | string |
| adv_dhcp6_interface_statement_script | string |
| adv_dhcp6_id_assoc_statement_address_enable | boolean |
| adv_dhcp6_id_assoc_statement_address_id | string |
| adv_dhcp6_id_assoc_statement_address | string |
| adv_dhcp6_id_assoc_statement_address_pltime | string |
| adv_dhcp6_id_assoc_statement_address_vltime | string |
| adv_dhcp6_id_assoc_statement_prefix_enable | boolean |
| adv_dhcp6_id_assoc_statement_prefix_id | string |
| adv_dhcp6_id_assoc_statement_prefix | string |
| adv_dhcp6_id_assoc_statement_prefix_pltime | string |
| adv_dhcp6_id_assoc_statement_prefix_vltime | string |
| adv_dhcp6_prefix_interface_statement_sla_id | string |
| adv_dhcp6_prefix_interface_statement_sla_len | string |
| adv_dhcp6_authentication_statement_authname | string |
| adv_dhcp6_authentication_statement_protocol | string |
| adv_dhcp6_authentication_statement_algorithm | string |
| adv_dhcp6_authentication_statement_rdm | string |
| adv_dhcp6_key_info_statement_keyname | string |
| adv_dhcp6_key_info_statement_realm | string |
| adv_dhcp6_key_info_statement_keyid | string |
| adv_dhcp6_key_info_statement_secret | string |
| adv_dhcp6_key_info_statement_expire | string |
{- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}{- "name": "string"
}{- "interfaces": [
- {
- "members": [
- "string"
], - "enablestp": true,
- "descr": "string",
- "maxaddr": 0,
- "timeout": 0,
- "maxage": 0,
- "fwdelay": 0,
- "hellotime": 0,
- "priority": 0,
- "proto": "string",
- "holdcnt": 0,
- "ip6linklocal": true,
- "ifpriority": {
- "property1": 0,
- "property2": 0
}, - "ifpathcost": {
- "property1": 0,
- "property2": 0
}, - "static": [
- "string"
], - "private": [
- "string"
], - "stp": [
- "string"
], - "span": [
- "string"
], - "edge": [
- "string"
], - "autoedge": [
- "string"
], - "ptp": [
- "string"
], - "autoptp": [
- "string"
], - "bridgeif_device": "string"
}
], - "bridge_capable_ifs": [
- {
- "if_identity": "string",
- "if_assigned_name": "string"
}
]
}| members required | Array of strings |
| enablestp | boolean enable RSTP/STP |
| descr | string description |
| maxaddr | integer cache size of the bridge address, default is 2000 entries |
| timeout | integer cache expire time, default is 1200 seconds |
| maxage | integer the time that a Spanning Tree Protocol configuration is valid default is 20 seconds, minimum is 6 seconds and maximum is 40 seconds |
| fwdelay | integer the time that must pass before an interface begins forwarding packets when spanning tree is enabled default is 15 seconds, minimum is 4 seconds and maximum is 30 seconds |
| hellotime | integer the time in seconds between broadcasting of STP configuration messages default is 2 seconds, minimum is 1 second and maximum is 2 seconds |
| priority | integer the bridge priority for spanning tree default is 32768, minimum is 0 and maximum is 61440 |
| proto | string protocol used for spanning tree valid value = "rstp" or "stp" |
| holdcnt | integer the transmit hold count for spanning tree default is 6, minimum is 1 and maximum is 10 |
| ip6linklocal | boolean enable IPv6 auto linklocal |
object | |
object | |
| static | Array of strings |
| private | Array of strings |
| stp | Array of strings |
| span | Array of strings |
| edge | Array of strings |
| autoedge | Array of strings |
| ptp | Array of strings |
| autoptp | Array of strings |
| bridgeif_device | string generated by system when a Bridge is created |
{- "members": [
- "string"
], - "enablestp": true,
- "descr": "string",
- "maxaddr": 0,
- "timeout": 0,
- "maxage": 0,
- "fwdelay": 0,
- "hellotime": 0,
- "priority": 0,
- "proto": "string",
- "holdcnt": 0,
- "ip6linklocal": true,
- "ifpriority": {
- "property1": 0,
- "property2": 0
}, - "ifpathcost": {
- "property1": 0,
- "property2": 0
}, - "static": [
- "string"
], - "private": [
- "string"
], - "stp": [
- "string"
], - "span": [
- "string"
], - "edge": [
- "string"
], - "autoedge": [
- "string"
], - "ptp": [
- "string"
], - "autoptp": [
- "string"
], - "bridgeif_device": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| members required | Array of strings |
| enablestp | boolean enable RSTP/STP |
| descr | string description |
| maxaddr | integer cache size of the bridge address, default is 2000 entries |
| timeout | integer cache expire time, default is 1200 seconds |
| maxage | integer the time that a Spanning Tree Protocol configuration is valid default is 20 seconds, minimum is 6 seconds and maximum is 40 seconds |
| fwdelay | integer the time that must pass before an interface begins forwarding packets when spanning tree is enabled default is 15 seconds, minimum is 4 seconds and maximum is 30 seconds |
| hellotime | integer the time in seconds between broadcasting of STP configuration messages default is 2 seconds, minimum is 1 second and maximum is 2 seconds |
| priority | integer the bridge priority for spanning tree default is 32768, minimum is 0 and maximum is 61440 |
| proto | string protocol used for spanning tree valid value = "rstp" or "stp" |
| holdcnt | integer the transmit hold count for spanning tree default is 6, minimum is 1 and maximum is 10 |
| ip6linklocal | boolean enable IPv6 auto linklocal |
object | |
object | |
| static | Array of strings |
| private | Array of strings |
| stp | Array of strings |
| span | Array of strings |
| edge | Array of strings |
| autoedge | Array of strings |
| ptp | Array of strings |
| autoptp | Array of strings |
| bridgeif_device | string generated by system when a Bridge is created |
{- "members": [
- "string"
], - "enablestp": true,
- "descr": "string",
- "maxaddr": 0,
- "timeout": 0,
- "maxage": 0,
- "fwdelay": 0,
- "hellotime": 0,
- "priority": 0,
- "proto": "string",
- "holdcnt": 0,
- "ip6linklocal": true,
- "ifpriority": {
- "property1": 0,
- "property2": 0
}, - "ifpathcost": {
- "property1": 0,
- "property2": 0
}, - "static": [
- "string"
], - "private": [
- "string"
], - "stp": [
- "string"
], - "span": [
- "string"
], - "edge": [
- "string"
], - "autoedge": [
- "string"
], - "ptp": [
- "string"
], - "autoptp": [
- "string"
], - "bridgeif_device": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "interfaces": [
- {
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "descr": "string",
- "enable": true,
- "pseudo": true,
- "addr_type": "string",
- "addr6_type": "string",
- "options": {
- "blockbogons": true,
- "blockpriv": true,
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "member": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0
}, - "addr": {
- "ipaddr": "string",
- "gateway_ip": "string",
- "gateway_name": "string",
- "alias_address": "string",
- "ipaddrv6": "string",
- "default_gw6": true,
- "gateway_ip6": "string",
- "gateway_descr6": "string",
- "gateway_name6": "string",
- "ipv6_usev4_iface": true,
- "slaac_usev4_iface": true
}, - "dhcp": {
- "dhcp_hostname": "string",
- "dhcp_reject_from": [
- "string"
], - "dhcp_vlan_enable": true,
- "dhcp_vlan_priority": 0,
- "dhcp6_usev4_iface": true,
- "dhcp6_prefix_only": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6_debug": true,
- "dhcp6_without_ra": true,
- "dhcp6_no_release": true,
- "dhcp6_vlan_priority": 0,
- "enable_adv_opt": true,
- "enable_adv6_opt": true,
- "dhcp_advanced": {
- "req_timeout": "string",
- "req_retry": "string",
- "req_select_timeout": "string",
- "req_restart": "string",
- "req_backoff_cutoff": "string",
- "req_initial_interval": "string",
- "send_options": "string",
- "request_options": "string",
- "required_options": "string",
- "option_modifiers": "string",
- "enable_override_options": true,
- "override_options": "string",
- "config_file_override_path": "string"
}, - "dhcp6_advanced": {
- "duid": "string",
- "client_id": "string",
- "dhcp6_pfxdel_len": 0,
- "prefix_selected_interface": "string",
- "ifreq_information_only_enable": true,
- "send_options": "string",
- "request_options": "string",
- "enable_override_options": true,
- "override_options": "string",
- "config_file_override_path": "string"
}
}, - "ipv6rd": {
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "track6_prefix_id_hex": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string"
}, - "ownership": {
- "owner_type": "string",
- "owner_id": "string",
- "host_config": {
- "wol": true,
- "hw_flags": "string"
}, - "vpp_config": {
- "name": "string"
}, - "container_config": {
- "ctn_id": "string"
}, - "vm_config": {
- "vm_id": "string"
}
}, - "device_config": {
- "device": "string",
- "bus_path": "string",
- "mac": "string",
- "parent_device": "string",
- "parent_path": "string",
- "iftype": "string",
- "members": [
- "string"
]
}, - "info": {
- "media": "string",
- "state": "string"
}
}
]
}Host interfaces are those defined by the operating system's drivers. It also includes pseudo interfaces, which are software created, such as TUN, TAP and bridges. This function gets the information of the {devname} specified.
| devname required | string |
{- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "descr": "string",
- "enable": true,
- "pseudo": true,
- "addr_type": "string",
- "addr6_type": "string",
- "options": {
- "blockbogons": true,
- "blockpriv": true,
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "member": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0
}, - "addr": {
- "ipaddr": "string",
- "gateway_ip": "string",
- "gateway_name": "string",
- "alias_address": "string",
- "ipaddrv6": "string",
- "default_gw6": true,
- "gateway_ip6": "string",
- "gateway_descr6": "string",
- "gateway_name6": "string",
- "ipv6_usev4_iface": true,
- "slaac_usev4_iface": true
}, - "dhcp": {
- "dhcp_hostname": "string",
- "dhcp_reject_from": [
- "string"
], - "dhcp_vlan_enable": true,
- "dhcp_vlan_priority": 0,
- "dhcp6_usev4_iface": true,
- "dhcp6_prefix_only": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6_debug": true,
- "dhcp6_without_ra": true,
- "dhcp6_no_release": true,
- "dhcp6_vlan_priority": 0,
- "enable_adv_opt": true,
- "enable_adv6_opt": true,
- "dhcp_advanced": {
- "req_timeout": "string",
- "req_retry": "string",
- "req_select_timeout": "string",
- "req_restart": "string",
- "req_backoff_cutoff": "string",
- "req_initial_interval": "string",
- "send_options": "string",
- "request_options": "string",
- "required_options": "string",
- "option_modifiers": "string",
- "enable_override_options": true,
- "override_options": "string",
- "config_file_override_path": "string"
}, - "dhcp6_advanced": {
- "duid": "string",
- "client_id": "string",
- "dhcp6_pfxdel_len": 0,
- "prefix_selected_interface": "string",
- "ifreq_information_only_enable": true,
- "send_options": "string",
- "request_options": "string",
- "enable_override_options": true,
- "override_options": "string",
- "config_file_override_path": "string"
}
}, - "ipv6rd": {
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "track6_prefix_id_hex": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string"
}, - "ownership": {
- "owner_type": "string",
- "owner_id": "string",
- "host_config": {
- "wol": true,
- "hw_flags": "string"
}, - "vpp_config": {
- "name": "string"
}, - "container_config": {
- "ctn_id": "string"
}, - "vm_config": {
- "vm_id": "string"
}
}, - "device_config": {
- "device": "string",
- "bus_path": "string",
- "mac": "string",
- "parent_device": "string",
- "parent_path": "string",
- "iftype": "string",
- "members": [
- "string"
]
}, - "info": {
- "media": "string",
- "state": "string"
}
}{- "descriptors": {
- "gre": {
- "property1": "string",
- "property2": "string"
}, - "gif": {
- "property1": "string",
- "property2": "string"
}, - "lagg": {
- "property1": "string",
- "property2": "string"
}, - "qinq": {
- "property1": "string",
- "property2": "string"
}, - "ppp": {
- "property1": "string",
- "property2": "string"
}, - "bridges": {
- "property1": "string",
- "property2": "string"
}, - "vlan": {
- "property1": "string",
- "property2": "string"
}, - "vxlan": {
- "property1": "string",
- "property2": "string"
}, - "physical": {
- "property1": "string",
- "property2": "string"
}
}
}{- "interfaces": [
- {
- "if_identity": "string",
- "tunnel_local_addr": "string",
- "tunnel_remote_addr": "string",
- "tunnel_remote_net": 0,
- "remote_addr": "string",
- "descr": "string",
- "link1": true,
- "link2": true,
- "gifif": "string"
}
], - "gif_capable_ifs": [
- {
- "if_identity": "string",
- "if_assigned_name": "string"
}
]
}| if_identity required | string identity name of the parent interface |
| tunnel_local_addr | string local tunnel address |
| tunnel_remote_addr | string remote tunnel address |
| tunnel_remote_net | integer remote tunnel address subnet |
| remote_addr | string address of the remote peer |
| descr | string description |
| link1 | boolean explicit congestion notification (ecn) friendly behavior |
| link2 | boolean disable automatic filtering of the outer gif source |
| gifif | string generated by system when create gif |
{- "if_identity": "string",
- "tunnel_local_addr": "string",
- "tunnel_remote_addr": "string",
- "tunnel_remote_net": 0,
- "remote_addr": "string",
- "descr": "string",
- "link1": true,
- "link2": true,
- "gifif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| if_identity required | string identity name of the parent interface |
| tunnel_local_addr | string local tunnel address |
| tunnel_remote_addr | string remote tunnel address |
| tunnel_remote_net | integer remote tunnel address subnet |
| remote_addr | string address of the remote peer |
| descr | string description |
| link1 | boolean explicit congestion notification (ecn) friendly behavior |
| link2 | boolean disable automatic filtering of the outer gif source |
| gifif | string generated by system when create gif |
{- "if_identity": "string",
- "tunnel_local_addr": "string",
- "tunnel_remote_addr": "string",
- "tunnel_remote_net": 0,
- "remote_addr": "string",
- "descr": "string",
- "link1": true,
- "link2": true,
- "gifif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "interfaces": [
- {
- "if_identity": "string",
- "tunnel_local_addr": "string",
- "tunnel_remote_addr": "string",
- "tunnel_local_addr6": "string",
- "tunnel_remote_addr6": "string",
- "tunnel_remote_net": 0,
- "tunnel_remote_net6": 0,
- "remote_addr": "string",
- "descr": "string",
- "link1": true,
- "greif": "string"
}
], - "gre_capable_ifs": [
- {
- "if_identity": "string",
- "if_assigned_name": "string"
}
]
}| if_identity required | string identity name of the parent interface |
| tunnel_local_addr | string local ipv4 tunnel address |
| tunnel_remote_addr | string remote ipv4 tunnel address |
| tunnel_local_addr6 | string local ipv6 tunnel address |
| tunnel_remote_addr6 | string remote ipv6 tunnel address |
| tunnel_remote_net | integer remote ipv4 tunnel address subnet |
| tunnel_remote_net6 | integer remote ipv6 tunnel address subnet |
| remote_addr | string address of the remote peer |
| descr | string description |
| link1 | boolean add an explicit static route for the remote inner tunnel |
| greif | string generated by system when create gre |
{- "if_identity": "string",
- "tunnel_local_addr": "string",
- "tunnel_remote_addr": "string",
- "tunnel_local_addr6": "string",
- "tunnel_remote_addr6": "string",
- "tunnel_remote_net": 0,
- "tunnel_remote_net6": 0,
- "remote_addr": "string",
- "descr": "string",
- "link1": true,
- "greif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| if_identity required | string identity name of the parent interface |
| tunnel_local_addr | string local ipv4 tunnel address |
| tunnel_remote_addr | string remote ipv4 tunnel address |
| tunnel_local_addr6 | string local ipv6 tunnel address |
| tunnel_remote_addr6 | string remote ipv6 tunnel address |
| tunnel_remote_net | integer remote ipv4 tunnel address subnet |
| tunnel_remote_net6 | integer remote ipv6 tunnel address subnet |
| remote_addr | string address of the remote peer |
| descr | string description |
| link1 | boolean add an explicit static route for the remote inner tunnel |
| greif | string generated by system when create gre |
{- "if_identity": "string",
- "tunnel_local_addr": "string",
- "tunnel_remote_addr": "string",
- "tunnel_local_addr6": "string",
- "tunnel_remote_addr6": "string",
- "tunnel_remote_net": 0,
- "tunnel_remote_net6": 0,
- "remote_addr": "string",
- "descr": "string",
- "link1": true,
- "greif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| members | Array of strings |
| descr | string |
| ifname | string interface group name |
{- "members": [
- "string"
], - "descr": "string",
- "ifname": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| members | Array of strings |
| descr | string |
| ifname | string interface group name |
{- "members": [
- "string"
], - "descr": "string",
- "ifname": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "interfaces": [
- {
- "members": [
- "string"
], - "descr": "string",
- "laggif_device": "string",
- "proto": "none",
- "failovermaster": "string",
- "lacptimeout": "slow",
- "lagghash": "string"
}
], - "lagg_capable_ifs": {
- "capable_ifs": [
- {
- "if_device": "string",
- "mac": "string"
}
], - "lagg_members": [
- {
- "if_device": "string",
- "mac": "string"
}
]
}
}| members required | Array of strings |
| descr | string description |
| laggif_device | string generated by system when create lagg |
| proto | string Enum: "none" "lacp" "failover" "loadbalance" "roundrobin" lagg protocol valid value = none, lacp, failover, loadbalance, roundrobin |
| failovermaster | string (for proto=failover only) failover master interface |
| lacptimeout | string Enum: "slow" "fast" (for proto=lacp only) LACP Timeout Mode valid value = slow, fast |
| lagghash | string (for proto=lacp or loadbalance) hash algorithms for the packet layers valid value = "l2,l3,l4", "l2", "l3", "l4", "l2,l3", "l3,l4", "l2,l4" |
{- "members": [
- "string"
], - "descr": "string",
- "laggif_device": "string",
- "proto": "none",
- "failovermaster": "string",
- "lacptimeout": "slow",
- "lagghash": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| members required | Array of strings |
| descr | string description |
| laggif_device | string generated by system when create lagg |
| proto | string Enum: "none" "lacp" "failover" "loadbalance" "roundrobin" lagg protocol valid value = none, lacp, failover, loadbalance, roundrobin |
| failovermaster | string (for proto=failover only) failover master interface |
| lacptimeout | string Enum: "slow" "fast" (for proto=lacp only) LACP Timeout Mode valid value = slow, fast |
| lagghash | string (for proto=lacp or loadbalance) hash algorithms for the packet layers valid value = "l2,l3,l4", "l2", "l3", "l4", "l2,l3", "l3,l4", "l2,l4" |
{- "members": [
- "string"
], - "descr": "string",
- "laggif_device": "string",
- "proto": "none",
- "failovermaster": "string",
- "lacptimeout": "slow",
- "lagghash": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}| name | string alias to assigned name |
| if | string alias to device_name |
| assigned_name | string user assigned name, e.g. MYLAN |
| device_name | string host device name, e.g. ix1 |
| identity | string unique identity of device, e.g. opt1 |
| enable | boolean |
| blockbogons | boolean |
| pseudo | boolean |
| blockpriv | boolean |
| slaacusev4iface | boolean |
| descr | string |
| type | string |
| type6 | string |
| mtu | integer |
| mss | integer |
| pcp | integer |
| promisc | boolean |
| ipaddr | string |
| member | string |
| media | string |
| mac | string |
| mediaopt | string |
| spoofmac | string |
| tag | integer |
| gateway | string |
| ipaddrv6 | string |
| ipv6usev4iface | boolean |
| gatewayv6 | string |
| alias_address | string |
| dhcphostname | string |
| dhcprejectfrom | string |
| dhcprejectfromarray | Array of strings |
| dhcpvlanenable | boolean |
| dhcp6usev4iface | boolean |
| dhcp6prefixonly | boolean |
| dhcp6_ia_pd_send_hint | boolean |
| dhcp6debug | boolean |
| dhcp6withoutra | boolean |
| dhcp6norelease | boolean |
| dhcpcvpt | string |
| dhcp6cvpt | string |
| prefix_6rd | string |
| gateway_6rd | string |
| dhcp6_ia_pd_len | string |
| prefix_6rd_v4plen | string |
| track6_interface | string |
| track6_prefix_id | string |
| adv_dhcp_config_advanced | boolean |
| adv_dhcp_config_file_override | boolean |
| adv_dhcp_pt_timeout | string |
| adv_dhcp_pt_retry | string |
| adv_dhcp_pt_select_timeout | string |
| adv_dhcp_pt_reboot | string |
| adv_dhcp_pt_backoff_cutoff | string |
| adv_dhcp_pt_initial_interval | string |
| adv_dhcp_pt_values | string |
| adv_dhcp_config_file_override_path | string |
| adv_dhcp_send_options | string |
| adv_dhcp_request_options | string |
| adv_dhcp_required_options | string |
| adv_dhcp_option_modifiers | string |
| adv_dhcp6_config_advanced | boolean |
| adv_dhcp6_config_file_override | boolean |
| adv_dhcp6_prefix_selected_interface | string |
| adv_dhcp6_config_file_override_path | string |
| adv_dhcp6_interface_statement_information_only_enable | boolean |
| adv_dhcp6_interface_statement_send_options | string |
| adv_dhcp6_interface_statement_request_options | string |
| adv_dhcp6_interface_statement_script | string |
| adv_dhcp6_id_assoc_statement_address_enable | boolean |
| adv_dhcp6_id_assoc_statement_address_id | string |
| adv_dhcp6_id_assoc_statement_address | string |
| adv_dhcp6_id_assoc_statement_address_pltime | string |
| adv_dhcp6_id_assoc_statement_address_vltime | string |
| adv_dhcp6_id_assoc_statement_prefix_enable | boolean |
| adv_dhcp6_id_assoc_statement_prefix_id | string |
| adv_dhcp6_id_assoc_statement_prefix | string |
| adv_dhcp6_id_assoc_statement_prefix_pltime | string |
| adv_dhcp6_id_assoc_statement_prefix_vltime | string |
| adv_dhcp6_prefix_interface_statement_sla_id | string |
| adv_dhcp6_prefix_interface_statement_sla_len | string |
| adv_dhcp6_authentication_statement_authname | string |
| adv_dhcp6_authentication_statement_protocol | string |
| adv_dhcp6_authentication_statement_algorithm | string |
| adv_dhcp6_authentication_statement_rdm | string |
| adv_dhcp6_key_info_statement_keyname | string |
| adv_dhcp6_key_info_statement_realm | string |
| adv_dhcp6_key_info_statement_keyid | string |
| adv_dhcp6_key_info_statement_secret | string |
| adv_dhcp6_key_info_statement_expire | string |
{- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}Get interface ports as a map of port-type (e.g. wans, gres) to a list of its corresponding datastructure.
{- "ports": {
- "gres": [
- {
- "if_identity": "string",
- "tunnel_local_addr": "string",
- "tunnel_remote_addr": "string",
- "tunnel_local_addr6": "string",
- "tunnel_remote_addr6": "string",
- "tunnel_remote_net": 0,
- "tunnel_remote_net6": 0,
- "remote_addr": "string",
- "descr": "string",
- "link1": true,
- "greif": "string"
}
], - "gifs": [
- {
- "if_identity": "string",
- "tunnel_local_addr": "string",
- "tunnel_remote_addr": "string",
- "tunnel_remote_net": 0,
- "remote_addr": "string",
- "descr": "string",
- "link1": true,
- "link2": true,
- "gifif": "string"
}
], - "bridges": [
- {
- "members": [
- "string"
], - "enablestp": true,
- "descr": "string",
- "maxaddr": 0,
- "timeout": 0,
- "maxage": 0,
- "fwdelay": 0,
- "hellotime": 0,
- "priority": 0,
- "proto": "string",
- "holdcnt": 0,
- "ip6linklocal": true,
- "ifpriority": {
- "property1": 0,
- "property2": 0
}, - "ifpathcost": {
- "property1": 0,
- "property2": 0
}, - "static": [
- "string"
], - "private": [
- "string"
], - "stp": [
- "string"
], - "span": [
- "string"
], - "edge": [
- "string"
], - "autoedge": [
- "string"
], - "ptp": [
- "string"
], - "autoptp": [
- "string"
], - "bridgeif_device": "string"
}
], - "vlans": [
- {
- "if_device": "string",
- "tag": 1,
- "tag_type": "string",
- "pcp": 7,
- "descr": "string",
- "vlanif": "string"
}
], - "ppps": [
- {
- "ptpid": "string",
- "if_device": "string",
- "type": "ppp",
- "link_interfaces": [
- {
- "if_device": "string",
- "bandwidth": 0,
- "mtu": 0,
- "mru": 0,
- "mrru": 0,
- "localip": "string",
- "subnet": 0,
- "gateway": "string"
}
], - "descr": "string",
- "username": "string",
- "password": "string",
- "phone": "string",
- "apn": "string",
- "apnum": "string",
- "simpin": "string",
- "pin_wait": "string",
- "initstr": "string",
- "connect_timeout": "string",
- "uptime": true,
- "country": "string",
- "providerplan": "string",
- "provider": "string",
- "null_service": true,
- "pppoe_reset_type": "custom",
- "pppoe_pr_preset_val": "monthly",
- "pppoe_resethour": "string",
- "pppoe_resetminute": "string",
- "pppoe_resetdate": "string",
- "pppoe_multilink_over_singlelink": true,
- "pppoe_mtu_override": true,
- "l2tp_secret": "string",
- "ondemand": true,
- "idletimeout": 0,
- "vjcomp": true,
- "tcpmssfix": true,
- "shortseq": true,
- "acfcomp": true,
- "protocomp": true
}
], - "qinqs": [
- {
- "if_device": "string",
- "tag": 1,
- "tag_type": "string",
- "autogroup": true,
- "members": [
- "string"
], - "descr": "string",
- "vlanif": "string"
}
], - "laggs": [
- {
- "members": [
- "string"
], - "descr": "string",
- "laggif_device": "string",
- "proto": "none",
- "failovermaster": "string",
- "lacptimeout": "slow",
- "lagghash": "string"
}
], - "wan": {
- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}, - "lan": {
- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}, - "physical": [
- {
- "name": "string",
- "mac": "string",
- "up": true,
- "ipaddr": "string",
- "friendly": "string",
- "dmesg": "string"
}
]
}, - "modems": [
- "string"
]
}{- "interfaces": [
- {
- "ptpid": "string",
- "if_device": "string",
- "type": "ppp",
- "link_interfaces": [
- {
- "if_device": "string",
- "bandwidth": 0,
- "mtu": 0,
- "mru": 0,
- "mrru": 0,
- "localip": "string",
- "subnet": 0,
- "gateway": "string"
}
], - "descr": "string",
- "username": "string",
- "password": "string",
- "phone": "string",
- "apn": "string",
- "apnum": "string",
- "simpin": "string",
- "pin_wait": "string",
- "initstr": "string",
- "connect_timeout": "string",
- "uptime": true,
- "country": "string",
- "providerplan": "string",
- "provider": "string",
- "null_service": true,
- "pppoe_reset_type": "custom",
- "pppoe_pr_preset_val": "monthly",
- "pppoe_resethour": "string",
- "pppoe_resetminute": "string",
- "pppoe_resetdate": "string",
- "pppoe_multilink_over_singlelink": true,
- "pppoe_mtu_override": true,
- "l2tp_secret": "string",
- "ondemand": true,
- "idletimeout": 0,
- "vjcomp": true,
- "tcpmssfix": true,
- "shortseq": true,
- "acfcomp": true,
- "protocomp": true
}
], - "ppp_capable_ifs": {
- "serials": [
- {
- "if_device": "string",
- "desc": "string"
}
], - "interfaces": [
- {
- "if_device": "string",
- "desc": "string"
}
]
}
}| ptpid | string generated by system when a PPP is created |
| if_device | string generated by system when a PPP is created |
| type | string Enum: "ppp" "pppoe" "pptp" "l2tp" link type valid value = ppp, pppoe, pptp, l2tp |
Array of objects (PPPLinkInterface) | |
| descr | string description |
| username | string |
| password | string GET request will return ******** to protect previously entered password POST and PUT request need to send password encoded in base64 |
| phone | string (type ppp only) phone number to ISP |
| apn | string (type ppp only) access point name |
| apnum | string (type ppp only) apn number, default to 1 if apn is set |
| simpin | string (type ppp only) security code on the SIM |
| pin_wait | string (type ppp only) seconds to wait for the SIM to discover network after the PIN is sent |
| initstr | string (type ppp only and base64 encoded) modem initialization string, if necessary |
| connect_timeout | string (type ppp only) time to wait for a connection attempt to succeed |
| uptime | boolean (type ppp only) tracks the uptime for the connection |
| country | string (type ppp only) country in which the modem resides |
| providerplan | string (type ppp only) type of cellular service this modem uses from provider |
| provider | string (for type ppp) cellular service provider for the modem (for type pppoe) service name of the ISP, leave blank for most ISPs |
| null_service | boolean (type pppoe only) some ISPs require to send a NULL value instead of a blank service name |
| pppoe_reset_type | string Enum: "custom" "preset" (type pppoe only) configures a preset time to reset the connection valid value = custom, preset |
| pppoe_pr_preset_val | string Enum: "monthly" "weekly" "daily" "hourly" (type pppoe only and pppoe_pr_preset_val = "preset") connection reset frequency valid value = monthly, weekly, daily, hourly |
| pppoe_resethour | string (type pppoe only and pppoe_pr_preset_val = "custom") hour of the reset date/time |
| pppoe_resetminute | string (type pppoe only and pppoe_pr_preset_val = "custom") minute of the reset date/time |
| pppoe_resetdate | string (type pppoe only and pppoe_pr_preset_val = "custom") date of the reset date/time |
| pppoe_multilink_over_singlelink | boolean (type pppoe only) use LCP multi-link extensions over a single link |
| pppoe_mtu_override | boolean (type pppoe only) overrides the MTU negotiated with the ISP |
| l2tp_secret | string (type l2tp only and base64 encoded) l2tp tunnel shared secret, optional |
| ondemand | boolean dial On demand mode |
| idletimeout | integer number of idle seconds to disconnect the connection |
| vjcomp | boolean disable Van Jacobson TCP header compression, auto-negotiated by default |
| tcpmssfix | boolean disable TCP maximum segment size fix, enabled by default |
| shortseq | boolean for multi-link PPP, disable shorter multi-link fragment headers, auto-negotiated by default |
| acfcomp | boolean disable address and control field compression, auto-negotiated by default |
| protocomp | boolean disable protocol field compression, auto-negotiated by default |
{- "ptpid": "string",
- "if_device": "string",
- "type": "ppp",
- "link_interfaces": [
- {
- "if_device": "string",
- "bandwidth": 0,
- "mtu": 0,
- "mru": 0,
- "mrru": 0,
- "localip": "string",
- "subnet": 0,
- "gateway": "string"
}
], - "descr": "string",
- "username": "string",
- "password": "string",
- "phone": "string",
- "apn": "string",
- "apnum": "string",
- "simpin": "string",
- "pin_wait": "string",
- "initstr": "string",
- "connect_timeout": "string",
- "uptime": true,
- "country": "string",
- "providerplan": "string",
- "provider": "string",
- "null_service": true,
- "pppoe_reset_type": "custom",
- "pppoe_pr_preset_val": "monthly",
- "pppoe_resethour": "string",
- "pppoe_resetminute": "string",
- "pppoe_resetdate": "string",
- "pppoe_multilink_over_singlelink": true,
- "pppoe_mtu_override": true,
- "l2tp_secret": "string",
- "ondemand": true,
- "idletimeout": 0,
- "vjcomp": true,
- "tcpmssfix": true,
- "shortseq": true,
- "acfcomp": true,
- "protocomp": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| ptpid | string generated by system when a PPP is created |
| if_device | string generated by system when a PPP is created |
| type | string Enum: "ppp" "pppoe" "pptp" "l2tp" link type valid value = ppp, pppoe, pptp, l2tp |
Array of objects (PPPLinkInterface) | |
| descr | string description |
| username | string |
| password | string GET request will return ******** to protect previously entered password POST and PUT request need to send password encoded in base64 |
| phone | string (type ppp only) phone number to ISP |
| apn | string (type ppp only) access point name |
| apnum | string (type ppp only) apn number, default to 1 if apn is set |
| simpin | string (type ppp only) security code on the SIM |
| pin_wait | string (type ppp only) seconds to wait for the SIM to discover network after the PIN is sent |
| initstr | string (type ppp only and base64 encoded) modem initialization string, if necessary |
| connect_timeout | string (type ppp only) time to wait for a connection attempt to succeed |
| uptime | boolean (type ppp only) tracks the uptime for the connection |
| country | string (type ppp only) country in which the modem resides |
| providerplan | string (type ppp only) type of cellular service this modem uses from provider |
| provider | string (for type ppp) cellular service provider for the modem (for type pppoe) service name of the ISP, leave blank for most ISPs |
| null_service | boolean (type pppoe only) some ISPs require to send a NULL value instead of a blank service name |
| pppoe_reset_type | string Enum: "custom" "preset" (type pppoe only) configures a preset time to reset the connection valid value = custom, preset |
| pppoe_pr_preset_val | string Enum: "monthly" "weekly" "daily" "hourly" (type pppoe only and pppoe_pr_preset_val = "preset") connection reset frequency valid value = monthly, weekly, daily, hourly |
| pppoe_resethour | string (type pppoe only and pppoe_pr_preset_val = "custom") hour of the reset date/time |
| pppoe_resetminute | string (type pppoe only and pppoe_pr_preset_val = "custom") minute of the reset date/time |
| pppoe_resetdate | string (type pppoe only and pppoe_pr_preset_val = "custom") date of the reset date/time |
| pppoe_multilink_over_singlelink | boolean (type pppoe only) use LCP multi-link extensions over a single link |
| pppoe_mtu_override | boolean (type pppoe only) overrides the MTU negotiated with the ISP |
| l2tp_secret | string (type l2tp only and base64 encoded) l2tp tunnel shared secret, optional |
| ondemand | boolean dial On demand mode |
| idletimeout | integer number of idle seconds to disconnect the connection |
| vjcomp | boolean disable Van Jacobson TCP header compression, auto-negotiated by default |
| tcpmssfix | boolean disable TCP maximum segment size fix, enabled by default |
| shortseq | boolean for multi-link PPP, disable shorter multi-link fragment headers, auto-negotiated by default |
| acfcomp | boolean disable address and control field compression, auto-negotiated by default |
| protocomp | boolean disable protocol field compression, auto-negotiated by default |
{- "ptpid": "string",
- "if_device": "string",
- "type": "ppp",
- "link_interfaces": [
- {
- "if_device": "string",
- "bandwidth": 0,
- "mtu": 0,
- "mru": 0,
- "mrru": 0,
- "localip": "string",
- "subnet": 0,
- "gateway": "string"
}
], - "descr": "string",
- "username": "string",
- "password": "string",
- "phone": "string",
- "apn": "string",
- "apnum": "string",
- "simpin": "string",
- "pin_wait": "string",
- "initstr": "string",
- "connect_timeout": "string",
- "uptime": true,
- "country": "string",
- "providerplan": "string",
- "provider": "string",
- "null_service": true,
- "pppoe_reset_type": "custom",
- "pppoe_pr_preset_val": "monthly",
- "pppoe_resethour": "string",
- "pppoe_resetminute": "string",
- "pppoe_resetdate": "string",
- "pppoe_multilink_over_singlelink": true,
- "pppoe_mtu_override": true,
- "l2tp_secret": "string",
- "ondemand": true,
- "idletimeout": 0,
- "vjcomp": true,
- "tcpmssfix": true,
- "shortseq": true,
- "acfcomp": true,
- "protocomp": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "interfaces": [
- {
- "if_device": "string",
- "tag": 1,
- "tag_type": "string",
- "autogroup": true,
- "members": [
- "string"
], - "descr": "string",
- "vlanif": "string"
}
], - "vlan_capable_ifs": [
- {
- "if_device": "string",
- "if_assigned_name": "string",
- "mac": "string",
- "up": true,
- "ipaddr": "string",
- "dmesg": "string"
}
]
}| if_device required | string parent interface |
| tag required | integer [ 1 .. 4094 ] first level VLAN tag |
| tag_type | string |
| autogroup | boolean adds interface to QinQ interface groups |
| members | Array of strings |
| descr | string description |
| vlanif | string generated by system when a QinQ is created |
{- "if_device": "string",
- "tag": 1,
- "tag_type": "string",
- "autogroup": true,
- "members": [
- "string"
], - "descr": "string",
- "vlanif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| if_device required | string parent interface |
| tag required | integer [ 1 .. 4094 ] first level VLAN tag |
| tag_type | string |
| autogroup | boolean adds interface to QinQ interface groups |
| members | Array of strings |
| descr | string description |
| vlanif | string generated by system when a QinQ is created |
{- "if_device": "string",
- "tag": 1,
- "tag_type": "string",
- "autogroup": true,
- "members": [
- "string"
], - "descr": "string",
- "vlanif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "interfaces": [
- {
- "if_device": "string",
- "tag": 1,
- "tag_type": "string",
- "pcp": 7,
- "descr": "string",
- "vlanif": "string"
}
], - "vlan_capable_ifs": [
- {
- "if_device": "string",
- "if_assigned_name": "string",
- "mac": "string",
- "up": true,
- "ipaddr": "string",
- "dmesg": "string"
}
]
}| if_device required | string parent interface of the VLAN |
| tag | integer [ 1 .. 4094 ] 802.1Q VLAN tag (between 1 and 4094) |
| tag_type | string ctag or stag |
| pcp | integer [ 0 .. 7 ] 802.1Q VLAN Priority (between 0 and 7) |
| descr | string description |
| vlanif | string generated by system when a VLAN is created |
{- "if_device": "string",
- "tag": 1,
- "tag_type": "string",
- "pcp": 7,
- "descr": "string",
- "vlanif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| if_device required | string parent interface of the VLAN |
| tag | integer [ 1 .. 4094 ] 802.1Q VLAN tag (between 1 and 4094) |
| tag_type | string ctag or stag |
| pcp | integer [ 0 .. 7 ] 802.1Q VLAN Priority (between 0 and 7) |
| descr | string description |
| vlanif | string generated by system when a VLAN is created |
{- "if_device": "string",
- "tag": 1,
- "tag_type": "string",
- "pcp": 7,
- "descr": "string",
- "vlanif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "interfaces": [
- {
- "if_device": "string",
- "remote_addr": "string",
- "ttl": 0,
- "id": 1,
- "local_port": 0,
- "remote_port": 0,
- "learn": true,
- "descr": "string",
- "vxlanif": "string"
}
], - "vxlan_capable_ifs": [
- {
- "if_device": "string",
- "if_assigned_name": "string"
}
]
}| if_device required | string |
| remote_addr | string |
| ttl | integer |
| id | integer [ 1 .. 16777215 ] |
| local_port | integer |
| remote_port | integer |
| learn | boolean |
| descr | string |
| vxlanif | string |
{- "if_device": "string",
- "remote_addr": "string",
- "ttl": 0,
- "id": 1,
- "local_port": 0,
- "remote_port": 0,
- "learn": true,
- "descr": "string",
- "vxlanif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| if_device required | string |
| remote_addr | string |
| ttl | integer |
| id | integer [ 1 .. 16777215 ] |
| local_port | integer |
| remote_port | integer |
| learn | boolean |
| descr | string |
| vxlanif | string |
{- "if_device": "string",
- "remote_addr": "string",
- "ttl": 0,
- "id": 1,
- "local_port": 0,
- "remote_port": 0,
- "learn": true,
- "descr": "string",
- "vxlanif": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}| name | string alias to assigned name |
| if | string alias to device_name |
| assigned_name | string user assigned name, e.g. MYLAN |
| device_name | string host device name, e.g. ix1 |
| identity | string unique identity of device, e.g. opt1 |
| enable | boolean |
| blockbogons | boolean |
| pseudo | boolean |
| blockpriv | boolean |
| slaacusev4iface | boolean |
| descr | string |
| type | string |
| type6 | string |
| mtu | integer |
| mss | integer |
| pcp | integer |
| promisc | boolean |
| ipaddr | string |
| member | string |
| media | string |
| mac | string |
| mediaopt | string |
| spoofmac | string |
| tag | integer |
| gateway | string |
| ipaddrv6 | string |
| ipv6usev4iface | boolean |
| gatewayv6 | string |
| alias_address | string |
| dhcphostname | string |
| dhcprejectfrom | string |
| dhcprejectfromarray | Array of strings |
| dhcpvlanenable | boolean |
| dhcp6usev4iface | boolean |
| dhcp6prefixonly | boolean |
| dhcp6_ia_pd_send_hint | boolean |
| dhcp6debug | boolean |
| dhcp6withoutra | boolean |
| dhcp6norelease | boolean |
| dhcpcvpt | string |
| dhcp6cvpt | string |
| prefix_6rd | string |
| gateway_6rd | string |
| dhcp6_ia_pd_len | string |
| prefix_6rd_v4plen | string |
| track6_interface | string |
| track6_prefix_id | string |
| adv_dhcp_config_advanced | boolean |
| adv_dhcp_config_file_override | boolean |
| adv_dhcp_pt_timeout | string |
| adv_dhcp_pt_retry | string |
| adv_dhcp_pt_select_timeout | string |
| adv_dhcp_pt_reboot | string |
| adv_dhcp_pt_backoff_cutoff | string |
| adv_dhcp_pt_initial_interval | string |
| adv_dhcp_pt_values | string |
| adv_dhcp_config_file_override_path | string |
| adv_dhcp_send_options | string |
| adv_dhcp_request_options | string |
| adv_dhcp_required_options | string |
| adv_dhcp_option_modifiers | string |
| adv_dhcp6_config_advanced | boolean |
| adv_dhcp6_config_file_override | boolean |
| adv_dhcp6_prefix_selected_interface | string |
| adv_dhcp6_config_file_override_path | string |
| adv_dhcp6_interface_statement_information_only_enable | boolean |
| adv_dhcp6_interface_statement_send_options | string |
| adv_dhcp6_interface_statement_request_options | string |
| adv_dhcp6_interface_statement_script | string |
| adv_dhcp6_id_assoc_statement_address_enable | boolean |
| adv_dhcp6_id_assoc_statement_address_id | string |
| adv_dhcp6_id_assoc_statement_address | string |
| adv_dhcp6_id_assoc_statement_address_pltime | string |
| adv_dhcp6_id_assoc_statement_address_vltime | string |
| adv_dhcp6_id_assoc_statement_prefix_enable | boolean |
| adv_dhcp6_id_assoc_statement_prefix_id | string |
| adv_dhcp6_id_assoc_statement_prefix | string |
| adv_dhcp6_id_assoc_statement_prefix_pltime | string |
| adv_dhcp6_id_assoc_statement_prefix_vltime | string |
| adv_dhcp6_prefix_interface_statement_sla_id | string |
| adv_dhcp6_prefix_interface_statement_sla_len | string |
| adv_dhcp6_authentication_statement_authname | string |
| adv_dhcp6_authentication_statement_protocol | string |
| adv_dhcp6_authentication_statement_algorithm | string |
| adv_dhcp6_authentication_statement_rdm | string |
| adv_dhcp6_key_info_statement_keyname | string |
| adv_dhcp6_key_info_statement_realm | string |
| adv_dhcp6_key_info_statement_keyid | string |
| adv_dhcp6_key_info_statement_secret | string |
| adv_dhcp6_key_info_statement_expire | string |
{- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "interfaces": [
- {
- "mode": "string",
- "standard": "string",
- "protmode": "string",
- "ssid": "string",
- "channel": "string",
- "authmode": "string",
- "txpower": "string",
- "distance": "string",
- "regdomain": "string",
- "regcountry": "string",
- "reglocation": "string",
- "wpa": {
- "macaddr_acl": "string",
- "wpa_mode": "string",
- "wpa_key_mgmt": "string",
- "wpa_pairwise": "string",
- "wpa_group_rekey": "string",
- "wpa_gmk_rekey": "string",
- "passphrase": "string",
- "ext_wpa_sw": "string"
}, - "auth_server_addr": "string",
- "auth_server_port": "string",
- "auth_server_shared_secret": "string",
- "auth_server_addr2": "string",
- "auth_server_port2": "string",
- "auth_server_shared_secret2": "string",
- "wme": {
- "enable": true
}, - "channel_width": "string"
}
], - "interfacesClone": [
- {
- "clone": {
- "if": "string",
- "mode": "string",
- "descr": "string",
- "cloneif": "string"
}
}
]
}| mode | string |
| standard | string |
| protmode | string |
| ssid | string |
| channel | string |
| authmode | string |
| txpower | string |
| distance | string |
| regdomain | string |
| regcountry | string |
| reglocation | string |
object (WPASetting) | |
| auth_server_addr | string |
| auth_server_port | string |
| auth_server_shared_secret | string |
| auth_server_addr2 | string |
| auth_server_port2 | string |
| auth_server_shared_secret2 | string |
object (WMESetting) | |
| channel_width | string |
{- "mode": "string",
- "standard": "string",
- "protmode": "string",
- "ssid": "string",
- "channel": "string",
- "authmode": "string",
- "txpower": "string",
- "distance": "string",
- "regdomain": "string",
- "regcountry": "string",
- "reglocation": "string",
- "wpa": {
- "macaddr_acl": "string",
- "wpa_mode": "string",
- "wpa_key_mgmt": "string",
- "wpa_pairwise": "string",
- "wpa_group_rekey": "string",
- "wpa_gmk_rekey": "string",
- "passphrase": "string",
- "ext_wpa_sw": "string"
}, - "auth_server_addr": "string",
- "auth_server_port": "string",
- "auth_server_shared_secret": "string",
- "auth_server_addr2": "string",
- "auth_server_port2": "string",
- "auth_server_shared_secret2": "string",
- "wme": {
- "enable": true
}, - "channel_width": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| id required | string |
| mode | string |
| standard | string |
| protmode | string |
| ssid | string |
| channel | string |
| authmode | string |
| txpower | string |
| distance | string |
| regdomain | string |
| regcountry | string |
| reglocation | string |
object (WPASetting) | |
| auth_server_addr | string |
| auth_server_port | string |
| auth_server_shared_secret | string |
| auth_server_addr2 | string |
| auth_server_port2 | string |
| auth_server_shared_secret2 | string |
object (WMESetting) | |
| channel_width | string |
{- "mode": "string",
- "standard": "string",
- "protmode": "string",
- "ssid": "string",
- "channel": "string",
- "authmode": "string",
- "txpower": "string",
- "distance": "string",
- "regdomain": "string",
- "regcountry": "string",
- "reglocation": "string",
- "wpa": {
- "macaddr_acl": "string",
- "wpa_mode": "string",
- "wpa_key_mgmt": "string",
- "wpa_pairwise": "string",
- "wpa_group_rekey": "string",
- "wpa_gmk_rekey": "string",
- "passphrase": "string",
- "ext_wpa_sw": "string"
}, - "auth_server_addr": "string",
- "auth_server_port": "string",
- "auth_server_shared_secret": "string",
- "auth_server_addr2": "string",
- "auth_server_port2": "string",
- "auth_server_shared_secret2": "string",
- "wme": {
- "enable": true
}, - "channel_width": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}| name required | string |
| name | string alias to assigned name |
| if | string alias to device_name |
| assigned_name | string user assigned name, e.g. MYLAN |
| device_name | string host device name, e.g. ix1 |
| identity | string unique identity of device, e.g. opt1 |
| enable | boolean |
| blockbogons | boolean |
| pseudo | boolean |
| blockpriv | boolean |
| slaacusev4iface | boolean |
| descr | string |
| type | string |
| type6 | string |
| mtu | integer |
| mss | integer |
| pcp | integer |
| promisc | boolean |
| ipaddr | string |
| member | string |
| media | string |
| mac | string |
| mediaopt | string |
| spoofmac | string |
| tag | integer |
| gateway | string |
| ipaddrv6 | string |
| ipv6usev4iface | boolean |
| gatewayv6 | string |
| alias_address | string |
| dhcphostname | string |
| dhcprejectfrom | string |
| dhcprejectfromarray | Array of strings |
| dhcpvlanenable | boolean |
| dhcp6usev4iface | boolean |
| dhcp6prefixonly | boolean |
| dhcp6_ia_pd_send_hint | boolean |
| dhcp6debug | boolean |
| dhcp6withoutra | boolean |
| dhcp6norelease | boolean |
| dhcpcvpt | string |
| dhcp6cvpt | string |
| prefix_6rd | string |
| gateway_6rd | string |
| dhcp6_ia_pd_len | string |
| prefix_6rd_v4plen | string |
| track6_interface | string |
| track6_prefix_id | string |
| adv_dhcp_config_advanced | boolean |
| adv_dhcp_config_file_override | boolean |
| adv_dhcp_pt_timeout | string |
| adv_dhcp_pt_retry | string |
| adv_dhcp_pt_select_timeout | string |
| adv_dhcp_pt_reboot | string |
| adv_dhcp_pt_backoff_cutoff | string |
| adv_dhcp_pt_initial_interval | string |
| adv_dhcp_pt_values | string |
| adv_dhcp_config_file_override_path | string |
| adv_dhcp_send_options | string |
| adv_dhcp_request_options | string |
| adv_dhcp_required_options | string |
| adv_dhcp_option_modifiers | string |
| adv_dhcp6_config_advanced | boolean |
| adv_dhcp6_config_file_override | boolean |
| adv_dhcp6_prefix_selected_interface | string |
| adv_dhcp6_config_file_override_path | string |
| adv_dhcp6_interface_statement_information_only_enable | boolean |
| adv_dhcp6_interface_statement_send_options | string |
| adv_dhcp6_interface_statement_request_options | string |
| adv_dhcp6_interface_statement_script | string |
| adv_dhcp6_id_assoc_statement_address_enable | boolean |
| adv_dhcp6_id_assoc_statement_address_id | string |
| adv_dhcp6_id_assoc_statement_address | string |
| adv_dhcp6_id_assoc_statement_address_pltime | string |
| adv_dhcp6_id_assoc_statement_address_vltime | string |
| adv_dhcp6_id_assoc_statement_prefix_enable | boolean |
| adv_dhcp6_id_assoc_statement_prefix_id | string |
| adv_dhcp6_id_assoc_statement_prefix | string |
| adv_dhcp6_id_assoc_statement_prefix_pltime | string |
| adv_dhcp6_id_assoc_statement_prefix_vltime | string |
| adv_dhcp6_prefix_interface_statement_sla_id | string |
| adv_dhcp6_prefix_interface_statement_sla_len | string |
| adv_dhcp6_authentication_statement_authname | string |
| adv_dhcp6_authentication_statement_protocol | string |
| adv_dhcp6_authentication_statement_algorithm | string |
| adv_dhcp6_authentication_statement_rdm | string |
| adv_dhcp6_key_info_statement_keyname | string |
| adv_dhcp6_key_info_statement_realm | string |
| adv_dhcp6_key_info_statement_keyid | string |
| adv_dhcp6_key_info_statement_secret | string |
| adv_dhcp6_key_info_statement_expire | string |
{- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}Update an interface's gateway(s). A gateway value which is not provided will not be modified. A gateway with an empty string is set to None. Otherwise, the gateway should already exist and the interface is updated with that value.
| name required | string |
| gateway | string name of IPv4 gateway |
| gatewayv6 | string name of IPv6 gateway |
{- "gateway": "string",
- "gatewayv6": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| authserver | string |
| username | string <byte> |
| password | string <byte> |
| debug | boolean |
{- "authserver": "string",
- "username": "string",
- "password": "string",
- "debug": true
}{- "authtype": "string",
- "groups": [
- "string"
], - "authenticated": true
}| area | string |
| nopkg | boolean |
| norrd | boolean |
| data | boolean |
| ssh | boolean |
| enc | boolean file is encrypted |
| pwd | string password to decrypt file |
| filename | string |
| contents | string |
| reboot | boolean reboot system on applying |
{- "area": "string",
- "nopkg": true,
- "norrd": true,
- "data": true,
- "ssh": true,
- "enc": true,
- "pwd": "string",
- "filename": "string",
- "contents": "string",
- "reboot": true
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}The package manager could fail during the upgrade or restore process, leaving the system with a package-lock dirty state, and prevents other package functions from being usable. Use this function to clear out the lock so that it can be retried.
{- "result": "string"
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}| cmd | string <byte> |
| timeout | integer number of seconds to wait for command before timing out, default 90, max 300 |
{- "cmd": "string",
- "timeout": 0
}{- "response": "string"
}| filename | string |
| contents | string <byte> |
{- "filename": "string",
- "contents": "string"
}{- "result": "string",
- "location": "string"
}| viewtype | string interpret captured traffic as specified type: default, aodv, carp, cnfp, lmp, pgm, pgm_zmtp1, resp, radius, rpc, rtp, rtcp snmp, tftp, vat, wb, vxlan, zmtp1 |
| detail | string level of detail - normal, medium, high, full |
{- "filename": "string",
- "capture": "string",
- "starttime": "string",
- "endtime": "string",
- "running": true,
- "command": "string",
- "interfaces": [
- {
- "if": "string",
- "name": "string"
}
]
}| action | string start, stop |
| interface | string assigned network interface name |
| promiscuous | boolean |
| count | integer how many packets to capture |
| snaplen | integer packet length |
| detail | string level of detail - normal, medium, high, full |
| viewtype | string interpret captured traffic as specified type: default, aodv, carp, cnfp, lmp, pgm, pgm_zmtp1, resp, radius, rpc, rtp, rtcp snmp, tftp, vat, wb, vxlan, zmtp1 |
| dnsquery | boolean reverse DNS lookup |
object (PacketCaptureFilter) Additional packet capture filter. These are common options for both tagged and untagged filters, with the exception of the vlan_* values which are only used by the tagged_filter. | |
object (PacketCaptureFilter) Additional packet capture filter. These are common options for both tagged and untagged filters, with the exception of the vlan_* values which are only used by the tagged_filter. |
{- "action": "string",
- "interface": "string",
- "promiscuous": true,
- "count": 0,
- "snaplen": 0,
- "detail": "string",
- "viewtype": "string",
- "dnsquery": true,
- "untagged_filter": {
- "exclude": true,
- "vlan_tag_op": "string",
- "vlan_tag": "string",
- "vlan_level": 0,
- "host_addr_op": "string",
- "host_addr": "string",
- "host_mac_op": "string",
- "host_mac": "string",
- "protocol_op": "string",
- "protocol": "string",
- "port_op": "string",
- "port": "string",
- "ether_op": "string",
- "ether": "string"
}, - "tagged_filter": {
- "exclude": true,
- "vlan_tag_op": "string",
- "vlan_tag": "string",
- "vlan_level": 0,
- "host_addr_op": "string",
- "host_addr": "string",
- "host_mac_op": "string",
- "host_mac": "string",
- "protocol_op": "string",
- "protocol": "string",
- "port_op": "string",
- "port": "string",
- "ether_op": "string",
- "ether": "string"
}
}{- "filename": "string",
- "capture": "string",
- "starttime": "string",
- "endtime": "string",
- "running": true,
- "command": "string",
- "interfaces": [
- {
- "if": "string",
- "name": "string"
}
]
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}| host | string host name or address to ping |
| count | integer number of packets to send |
| wait_sec | integer number of seconds between ping packets |
| ipv6 | boolean if hostname is provided, use IPv6 instead of IPv4 |
| source_addr | string local IP address or name of interface to use, default "" (any) |
{- "host": "string",
- "count": 0,
- "wait_sec": 0,
- "ipv6": true,
- "source_addr": "string"
}{- "results": "string"
}{- "ipv4": [
- {
- "dest": "string",
- "gw": "string",
- "flags": "string",
- "uses": "string",
- "mtu": "string",
- "interface": "string",
- "exp": "string"
}
], - "ipv6": [
- {
- "dest": "string",
- "gw": "string",
- "flags": "string",
- "uses": "string",
- "mtu": "string",
- "interface": "string",
- "exp": "string"
}
]
}{- "sockets": {
- "ipv4": [
- {
- "user": "string",
- "command": "string",
- "fd": "string",
- "pid": "string",
- "proto": "string",
- "local": "string",
- "foreign": "string"
}
], - "ipv6": [
- {
- "user": "string",
- "command": "string",
- "fd": "string",
- "pid": "string",
- "proto": "string",
- "local": "string",
- "foreign": "string"
}
]
}
}| interface | string comma separated list of interfaces to retrieve states for |
| filter_str | string expression to use as a filter |
| rule_ids | string comma separated list of rule IDs |
{- "states": [
- {
- "interface": "string",
- "proto": "string",
- "src": "string",
- "dst": "string",
- "display": "string",
- "state": "string",
- "packet": "string",
- "bytes": "string"
}
], - "interfaces": [
- {
- "text": "string",
- "value": "string"
}
], - "msg": "string"
}| srcip | string delete matching source IP |
| dstip | string delete matching destination IP |
| filter_str | string delete states matching the filter, only used if srcip and dstip both not provided |
{- "result": "string"
}Retrieve the list of user-defined alias or system table.
Aliases become Tables when loaded into the active firewall ruleset. The contents displayed on this page reflect the current addresses inside tables used by the firewall.
{- "tables": [
- {
- "table_name": "string",
- "avail_action": "string",
- "action_descr": "string"
}
]
}| table_name required | string |
{- "table_name": "string",
- "last_update": "string",
- "avail_action": "string",
- "action_descr": "string",
- "action_prompt": "string",
- "entries": [
- "string"
], - "entries_removable": true
}| table_name required | string |
| action | string value from available action |
{- "action": "string"
}{- "table_name": "string",
- "last_update": "string",
- "avail_action": "string",
- "action_descr": "string",
- "action_prompt": "string",
- "entries": [
- "string"
], - "entries_removable": true
}| table_name required | string |
| entry required | string |
{- "table_name": "string",
- "last_update": "string",
- "avail_action": "string",
- "action_descr": "string",
- "action_prompt": "string",
- "entries": [
- "string"
], - "entries_removable": true
}| host | string |
| src_port | string |
| src_ip | string |
| port | integer |
| show_text | boolean |
| ip_proto | string |
{- "host": "string",
- "src_port": "string",
- "src_ip": "string",
- "port": 0,
- "show_text": true,
- "ip_proto": "string"
}{- "response": "string"
}| host | string destination host or IP |
| hops | integer maximum hops to trace |
| icmp | boolean use ICMP instead of UDP |
| proto | string IP protocol (ipv4 or ipv6) |
| rev | boolean reverse address lookup |
| src | string source IP, network interface or "any" |
{- "host": "string",
- "hops": 0,
- "icmp": true,
- "proto": "string",
- "rev": true,
- "src": "string"
}{- "results": "string"
}{- "interfacelist": [
- {
- "text": "string",
- "value": "string"
}
], - "rules": [
- {
- "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "not": true,
- "type": "string"
}, - "id": "string",
- "interface": "string",
- "source": {
- "address": "string",
- "not": true,
- "type": "string"
}
}
]
}| descr | string |
| disabled | boolean |
object (NATNptAddr) | |
| id | string |
| interface | string |
object (NATNptAddr) |
{- "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "not": true,
- "type": "string"
}, - "id": "string",
- "interface": "string",
- "source": {
- "address": "string",
- "not": true,
- "type": "string"
}
}{- "interfacelist": [
- {
- "text": "string",
- "value": "string"
}
], - "rules": [
- {
- "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "not": true,
- "type": "string"
}, - "id": "string",
- "interface": "string",
- "source": {
- "address": "string",
- "not": true,
- "type": "string"
}
}
]
}{- "rule": [
- "string"
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "destlist": [
- {
- "text": "string",
- "value": "string"
}
], - "interfacelist": [
- {
- "text": "string",
- "value": "string"
}
], - "aliases": [
- {
- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "sysaliases": [
- {
- "name": "string",
- "type": "string",
- "descr": "string",
- "address": "string",
- "url": "string",
- "table": "string",
- "if_ident": "string",
- "if_assigned_name": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "rules": [
- {
- "id": "string",
- "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "external": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "interface": "string",
- "ipprotocol": "string",
- "nobinat": true,
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}
}
], - "extlist": [
- {
- "text": "string",
- "value": "string"
}
], - "srclist": [
- {
- "text": "string",
- "value": "string"
}
]
}| id | string |
| descr | string |
| disabled | boolean |
object (NATAddrPort) | |
object (NATAddrPort) | |
| interface | string |
| ipprotocol | string |
| nobinat | boolean |
object (NATAddrPort) |
{- "id": "string",
- "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "external": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "interface": "string",
- "ipprotocol": "string",
- "nobinat": true,
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}
}{- "destlist": [
- {
- "text": "string",
- "value": "string"
}
], - "interfacelist": [
- {
- "text": "string",
- "value": "string"
}
], - "aliases": [
- {
- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "sysaliases": [
- {
- "name": "string",
- "type": "string",
- "descr": "string",
- "address": "string",
- "url": "string",
- "table": "string",
- "if_ident": "string",
- "if_assigned_name": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "rules": [
- {
- "id": "string",
- "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "external": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "interface": "string",
- "ipprotocol": "string",
- "nobinat": true,
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}
}
], - "extlist": [
- {
- "text": "string",
- "value": "string"
}
], - "srclist": [
- {
- "text": "string",
- "value": "string"
}
]
}{- "rule": [
- "string"
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| id required | string |
| rules | Array of strings |
| value | boolean true to disable |
{- "rules": [
- "string"
], - "value": true
}{- "status": {
- "disabled": true,
- "id": "string"
}
}{- "destlist": [
- {
- "text": "string",
- "value": "string"
}
], - "interfacelist": [
- {
- "text": "string",
- "value": "string"
}
], - "locallist": [
- {
- "text": "string",
- "value": "string"
}
], - "mode": "string",
- "aliases": [
- {
- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "sysaliases": [
- {
- "name": "string",
- "type": "string",
- "descr": "string",
- "address": "string",
- "url": "string",
- "table": "string",
- "if_ident": "string",
- "if_assigned_name": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "rules": [
- {
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "id": "string",
- "interface": "string",
- "ipprotocol": "string",
- "nonat": true,
- "nosync": true,
- "eimnat": true,
- "protocol": "string",
- "poolopts": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "source-hash-key": "string",
- "staticnatport": true,
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}
}
], - "automatic_rules": [
- {
- "id": "string",
- "interface": "string",
- "dstport": "string",
- "target": "string",
- "destination": {
- "network": "string",
- "any": true
}, - "dstaddr": "string",
- "source": {
- "network": "string",
- "any": true
}, - "dstany": true,
- "srcany": true,
- "srcaddr": "string",
- "staticnatport": true,
- "descr": "string"
}
], - "srclist": [
- {
- "text": "string",
- "value": "string"
}
]
}object (FWUserTimestamp) | |
| descr | string |
| disabled | boolean |
object (NATAddrPort) | |
| id | string |
| interface | string |
| ipprotocol | string |
| nonat | boolean |
| nosync | boolean |
| eimnat | boolean |
| protocol | string |
| poolopts | string |
object (NATAddrPort) | |
| source-hash-key | string |
| staticnatport | boolean |
object (NATAddrPort) | |
object (FWUserTimestamp) |
{- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "id": "string",
- "interface": "string",
- "ipprotocol": "string",
- "nonat": true,
- "nosync": true,
- "eimnat": true,
- "protocol": "string",
- "poolopts": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "source-hash-key": "string",
- "staticnatport": true,
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}
}{- "destlist": [
- {
- "text": "string",
- "value": "string"
}
], - "interfacelist": [
- {
- "text": "string",
- "value": "string"
}
], - "locallist": [
- {
- "text": "string",
- "value": "string"
}
], - "mode": "string",
- "aliases": [
- {
- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "sysaliases": [
- {
- "name": "string",
- "type": "string",
- "descr": "string",
- "address": "string",
- "url": "string",
- "table": "string",
- "if_ident": "string",
- "if_assigned_name": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "rules": [
- {
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "id": "string",
- "interface": "string",
- "ipprotocol": "string",
- "nonat": true,
- "nosync": true,
- "eimnat": true,
- "protocol": "string",
- "poolopts": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "source-hash-key": "string",
- "staticnatport": true,
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}
}
], - "automatic_rules": [
- {
- "id": "string",
- "interface": "string",
- "dstport": "string",
- "target": "string",
- "destination": {
- "network": "string",
- "any": true
}, - "dstaddr": "string",
- "source": {
- "network": "string",
- "any": true
}, - "dstany": true,
- "srcany": true,
- "srcaddr": "string",
- "staticnatport": true,
- "descr": "string"
}
], - "srclist": [
- {
- "text": "string",
- "value": "string"
}
]
}| rule | Array of strings |
{- "rule": [
- "string"
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| id required | string |
object (FWUserTimestamp) | |
| descr | string |
| disabled | boolean |
object (NATAddrPort) | |
| id | string |
| interface | string |
| ipprotocol | string |
| nonat | boolean |
| nosync | boolean |
| eimnat | boolean |
| protocol | string |
| poolopts | string |
object (NATAddrPort) | |
| source-hash-key | string |
| staticnatport | boolean |
object (NATAddrPort) | |
object (FWUserTimestamp) |
{- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "id": "string",
- "interface": "string",
- "ipprotocol": "string",
- "nonat": true,
- "nosync": true,
- "eimnat": true,
- "protocol": "string",
- "poolopts": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "source-hash-key": "string",
- "staticnatport": true,
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}
}{- "rule": {
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "id": "string",
- "interface": "string",
- "ipprotocol": "string",
- "nonat": true,
- "nosync": true,
- "eimnat": true,
- "protocol": "string",
- "poolopts": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "source-hash-key": "string",
- "staticnatport": true,
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}
}
}{- "destlist": [
- {
- "text": "string",
- "value": "string"
}
], - "interfacelist": [
- {
- "text": "string",
- "value": "string"
}
], - "locallist": [
- {
- "text": "string",
- "value": "string"
}
], - "aliases": [
- {
- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "sysaliases": [
- {
- "name": "string",
- "type": "string",
- "descr": "string",
- "address": "string",
- "url": "string",
- "table": "string",
- "if_ident": "string",
- "if_assigned_name": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "rules": [
- {
- "rule": {
- "id": "string",
- "associated_rule_id": "string",
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "filter_rule_association": "string",
- "interface": "string",
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "natreflection": "string",
- "nordr": true,
- "protocol": "string",
- "ipprotocol": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "nosync": true
}, - "separator": {
- "id": "string",
- "row": "string",
- "text": "string",
- "color": "string",
- "if": "string"
}
}
], - "srclist": [
- {
- "text": "string",
- "value": "string"
}
]
}| id | string |
| associated_rule_id | string |
object (FWUserTimestamp) | |
| descr | string |
| disabled | boolean |
object (NATAddrPort) | |
| filter_rule_association | string |
| interface | string |
object (NATAddrPort) | |
| natreflection | string |
| nordr | boolean |
| protocol | string |
| ipprotocol | string |
object (NATAddrPort) | |
object (FWUserTimestamp) | |
| nosync | boolean |
{- "id": "string",
- "associated_rule_id": "string",
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "filter_rule_association": "string",
- "interface": "string",
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "natreflection": "string",
- "nordr": true,
- "protocol": "string",
- "ipprotocol": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "nosync": true
}{- "destlist": [
- {
- "text": "string",
- "value": "string"
}
], - "interfacelist": [
- {
- "text": "string",
- "value": "string"
}
], - "locallist": [
- {
- "text": "string",
- "value": "string"
}
], - "aliases": [
- {
- "tags": "string",
- "name": "string",
- "address": "string",
- "targets": [
- {
- "name": "string",
- "descr": "string",
- "updatefreq": "string"
}
], - "descr": "string",
- "type": "host",
- "detail": "string",
- "updatefreq": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "sysaliases": [
- {
- "name": "string",
- "type": "string",
- "descr": "string",
- "address": "string",
- "url": "string",
- "table": "string",
- "if_ident": "string",
- "if_assigned_name": "string",
- "truncated": true,
- "display_values": [
- "string"
]
}
], - "rules": [
- {
- "rule": {
- "id": "string",
- "associated_rule_id": "string",
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "filter_rule_association": "string",
- "interface": "string",
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "natreflection": "string",
- "nordr": true,
- "protocol": "string",
- "ipprotocol": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "nosync": true
}, - "separator": {
- "id": "string",
- "row": "string",
- "text": "string",
- "color": "string",
- "if": "string"
}
}
], - "srclist": [
- {
- "text": "string",
- "value": "string"
}
]
}Array of objects (FWRuleItemOrder) |
{- "entries": [
- {
- "id": "string",
- "rule": true
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| after | boolean |
| color | string |
| rule | string |
| text | string |
{- "after": true,
- "color": "string",
- "rule": "string",
- "text": "string"
}{- "id": "string",
- "row": "string",
- "text": "string",
- "color": "string",
- "if": "string"
}| id required | string |
| id | string |
| associated_rule_id | string |
object (FWUserTimestamp) | |
| descr | string |
| disabled | boolean |
object (NATAddrPort) | |
| filter_rule_association | string |
| interface | string |
object (NATAddrPort) | |
| natreflection | string |
| nordr | boolean |
| protocol | string |
| ipprotocol | string |
object (NATAddrPort) | |
object (FWUserTimestamp) | |
| nosync | boolean |
{- "id": "string",
- "associated_rule_id": "string",
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "filter_rule_association": "string",
- "interface": "string",
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "natreflection": "string",
- "nordr": true,
- "protocol": "string",
- "ipprotocol": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "nosync": true
}{- "rule": {
- "id": "string",
- "associated_rule_id": "string",
- "created": {
- "time": "string",
- "username": "string"
}, - "descr": "string",
- "disabled": true,
- "destination": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "filter_rule_association": "string",
- "interface": "string",
- "target": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "natreflection": "string",
- "nordr": true,
- "protocol": "string",
- "ipprotocol": "string",
- "source": {
- "address": "string",
- "type": "string",
- "port": "string",
- "not": true
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "nosync": true
}
}{- "options": {
- "enable": true,
- "default": true
}, - "exporters": [
- {
- "id": "string",
- "descr": "string",
- "enable": true,
- "src": "string",
- "srcport": 0,
- "dst": "string",
- "dstport": 0,
- "proto": "string",
- "domain": 0
}
], - "src_ip_address": {
- "property1": "string",
- "property2": "string"
}
}| enable | boolean |
| default | boolean |
{- "enable": true,
- "default": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| id | string |
| descr | string |
| enable | boolean |
| src | string |
| srcport | integer |
| dst | string |
| dstport | integer |
| proto | string |
| domain | integer |
{- "id": "string",
- "descr": "string",
- "enable": true,
- "src": "string",
- "srcport": 0,
- "dst": "string",
- "dstport": 0,
- "proto": "string",
- "domain": 0
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| id required | string |
| id | string |
| descr | string |
| enable | boolean |
| src | string |
| srcport | integer |
| dst | string |
| dstport | integer |
| proto | string |
| domain | integer |
{- "id": "string",
- "descr": "string",
- "enable": true,
- "src": "string",
- "srcport": 0,
- "dst": "string",
- "dstport": 0,
- "proto": "string",
- "domain": 0
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "interfaces": [
- "string"
], - "wan": "string",
- "lan": "string",
- "ethernet": true,
- "interface_mappings": {
- "property1": {
- "ident": "string",
- "device": "string",
- "assigned": "string",
- "type": "string"
}, - "property2": {
- "ident": "string",
- "device": "string",
- "assigned": "string",
- "type": "string"
}
}, - "traffic_sources": {
- "property1": "string",
- "property2": "string"
}
}{- "aliases": {
- "property1": {
- "alias_type": "string",
- "label": "string",
- "descr": "string",
- "table": "string",
- "values": [
- "string"
], - "truncated": true
}, - "property2": {
- "alias_type": "string",
- "label": "string",
- "descr": "string",
- "table": "string",
- "values": [
- "string"
], - "truncated": true
}
}, - "nat_interfaces": [
- "string"
], - "entries": [
- {
- "rule": {
- "id": "string",
- "fwids": "string",
- "disabled": true,
- "readonly": true,
- "floating": true,
- "ethernet": true,
- "gateway": "string",
- "tracker": "string",
- "type": "string",
- "interface": "string",
- "ipprotocol": "string",
- "tag": "string",
- "tagged": "string",
- "max": "string",
- "max_src_nodes": "string",
- "max_src_conn": "string",
- "max_src_states": "string",
- "statetimeout": "string",
- "statepolicy": "string",
- "statetype": "string",
- "state": {
- "id": "string",
- "tracker": "string",
- "label": "string",
- "evaluations": 0,
- "packets": 0,
- "bytes": 0,
- "states": 0,
- "pid": 0,
- "state_creations": 0
}, - "os": "string",
- "protocol": "string",
- "direction": "string",
- "quick": true,
- "log": true,
- "dscp": "string",
- "allowopts": true,
- "disablereplyto": true,
- "nottagged": true,
- "pflow": "string",
- "max_src_conn_rate": "string",
- "max_src_conn_rates": "string",
- "tcpflags1": "string",
- "tcpflags2": "string",
- "tcpflags1_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags2_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags_any": true,
- "icmptype": "string",
- "nopfsync": true,
- "nosync": true,
- "vlanprio": "string",
- "vlanprioset": "string",
- "dnpipe": "string",
- "pdnpipe": "string",
- "ackqueue": "string",
- "defaultqueue": "string",
- "bridgeto": "string",
- "source": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "sched": "string",
- "destination": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "descr": "string",
- "srcmac": "string",
- "dstmac": "string",
- "nat": {
- "enabled": true,
- "source": "string",
- "type": "string"
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "created": {
- "time": "string",
- "username": "string"
}, - "associated_rule_id": "string"
}, - "separator": {
- "id": "string",
- "row": "string",
- "text": "string",
- "color": "string",
- "if": "string"
}
}
], - "schedules": [
- {
- "name": "string",
- "descr": "string"
}
], - "gateways4": [
- {
- "name": "string",
- "descr": "string"
}
], - "gateways6": [
- {
- "name": "string",
- "descr": "string"
}
], - "queues": [
- "string"
], - "limiters": [
- "string"
]
}| interface required | string |
| id | string unique identifier for the rule |
| fwids | string system's identifier(s) for rule in its firewall |
| disabled | boolean |
| readonly | boolean |
| floating | boolean floating rule |
| ethernet | boolean ethernet rule |
| gateway | string |
| tracker | string |
| type | string pass, block, reject (non-ethernet), match (floating) |
| interface | string |
| ipprotocol | string |
| tag | string |
| tagged | string |
| max | string |
| max_src_nodes | string |
| max_src_conn | string |
| max_src_states | string |
| statetimeout | string |
| statepolicy | string "" (global default), if-bound, floating |
| statetype | string |
object (FWRuleState) | |
| os | string |
| protocol | string |
| direction | string |
| quick | boolean |
| log | boolean |
| dscp | string |
| allowopts | boolean |
| disablereplyto | boolean |
| nottagged | boolean |
| pflow | string "" (global default), "enabled", "disabled" |
| max_src_conn_rate | string |
| max_src_conn_rates | string |
| tcpflags1 | string |
| tcpflags2 | string |
object (TCPFlags) | |
object (TCPFlags) | |
| tcpflags_any | boolean |
| icmptype | string |
| nopfsync | boolean |
| nosync | boolean |
| vlanprio | string |
| vlanprioset | string |
| dnpipe | string inbound pipe limiter |
| pdnpipe | string outbound pipe limiter |
| ackqueue | string acknowledgement shaper queue |
| defaultqueue | string default shaper queue |
| bridgeto | string ethernet rule, bridge to interface |
object (FWAddrPort) | |
| sched | string |
object (FWAddrPort) | |
| descr | string |
| srcmac | string source MAC address for ethernet rule |
| dstmac | string destination MAC address for ethernet rule |
object (FWFilterRuleNAT) | |
object (FWUserTimestamp) | |
object (FWUserTimestamp) | |
| associated_rule_id | string |
{- "id": "string",
- "fwids": "string",
- "disabled": true,
- "readonly": true,
- "floating": true,
- "ethernet": true,
- "gateway": "string",
- "tracker": "string",
- "type": "string",
- "interface": "string",
- "ipprotocol": "string",
- "tag": "string",
- "tagged": "string",
- "max": "string",
- "max_src_nodes": "string",
- "max_src_conn": "string",
- "max_src_states": "string",
- "statetimeout": "string",
- "statepolicy": "string",
- "statetype": "string",
- "state": {
- "id": "string",
- "tracker": "string",
- "label": "string",
- "evaluations": 0,
- "packets": 0,
- "bytes": 0,
- "states": 0,
- "pid": 0,
- "state_creations": 0
}, - "os": "string",
- "protocol": "string",
- "direction": "string",
- "quick": true,
- "log": true,
- "dscp": "string",
- "allowopts": true,
- "disablereplyto": true,
- "nottagged": true,
- "pflow": "string",
- "max_src_conn_rate": "string",
- "max_src_conn_rates": "string",
- "tcpflags1": "string",
- "tcpflags2": "string",
- "tcpflags1_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags2_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags_any": true,
- "icmptype": "string",
- "nopfsync": true,
- "nosync": true,
- "vlanprio": "string",
- "vlanprioset": "string",
- "dnpipe": "string",
- "pdnpipe": "string",
- "ackqueue": "string",
- "defaultqueue": "string",
- "bridgeto": "string",
- "source": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "sched": "string",
- "destination": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "descr": "string",
- "srcmac": "string",
- "dstmac": "string",
- "nat": {
- "enabled": true,
- "source": "string",
- "type": "string"
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "created": {
- "time": "string",
- "username": "string"
}, - "associated_rule_id": "string"
}{- "id": "string",
- "fwids": "string",
- "disabled": true,
- "readonly": true,
- "floating": true,
- "ethernet": true,
- "gateway": "string",
- "tracker": "string",
- "type": "string",
- "interface": "string",
- "ipprotocol": "string",
- "tag": "string",
- "tagged": "string",
- "max": "string",
- "max_src_nodes": "string",
- "max_src_conn": "string",
- "max_src_states": "string",
- "statetimeout": "string",
- "statepolicy": "string",
- "statetype": "string",
- "state": {
- "id": "string",
- "tracker": "string",
- "label": "string",
- "evaluations": 0,
- "packets": 0,
- "bytes": 0,
- "states": 0,
- "pid": 0,
- "state_creations": 0
}, - "os": "string",
- "protocol": "string",
- "direction": "string",
- "quick": true,
- "log": true,
- "dscp": "string",
- "allowopts": true,
- "disablereplyto": true,
- "nottagged": true,
- "pflow": "string",
- "max_src_conn_rate": "string",
- "max_src_conn_rates": "string",
- "tcpflags1": "string",
- "tcpflags2": "string",
- "tcpflags1_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags2_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags_any": true,
- "icmptype": "string",
- "nopfsync": true,
- "nosync": true,
- "vlanprio": "string",
- "vlanprioset": "string",
- "dnpipe": "string",
- "pdnpipe": "string",
- "ackqueue": "string",
- "defaultqueue": "string",
- "bridgeto": "string",
- "source": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "sched": "string",
- "destination": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "descr": "string",
- "srcmac": "string",
- "dstmac": "string",
- "nat": {
- "enabled": true,
- "source": "string",
- "type": "string"
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "created": {
- "time": "string",
- "username": "string"
}, - "associated_rule_id": "string"
}| interface required | string |
| iface | string |
| rules | Array of strings |
{- "iface": "string",
- "rules": [
- "string"
]
}{- "result": "string"
}| interface required | string |
Array of objects (FWRuleItemOrder) |
{- "entries": [
- {
- "id": "string",
- "rule": true
}
]
}{- "result": "string"
}| interface required | string |
| after | boolean |
| color | string |
| rule | string |
| text | string |
{- "after": true,
- "color": "string",
- "rule": "string",
- "text": "string"
}{- "id": "string",
- "row": "string",
- "text": "string",
- "color": "string",
- "if": "string"
}| interface required | string |
| rules | Array of strings |
| value | boolean true to disable |
{- "rules": [
- "string"
], - "value": true
}{- "result": "string"
}| interface required | string |
| id required | string |
| id | string unique identifier for the rule |
| fwids | string system's identifier(s) for rule in its firewall |
| disabled | boolean |
| readonly | boolean |
| floating | boolean floating rule |
| ethernet | boolean ethernet rule |
| gateway | string |
| tracker | string |
| type | string pass, block, reject (non-ethernet), match (floating) |
| interface | string |
| ipprotocol | string |
| tag | string |
| tagged | string |
| max | string |
| max_src_nodes | string |
| max_src_conn | string |
| max_src_states | string |
| statetimeout | string |
| statepolicy | string "" (global default), if-bound, floating |
| statetype | string |
object (FWRuleState) | |
| os | string |
| protocol | string |
| direction | string |
| quick | boolean |
| log | boolean |
| dscp | string |
| allowopts | boolean |
| disablereplyto | boolean |
| nottagged | boolean |
| pflow | string "" (global default), "enabled", "disabled" |
| max_src_conn_rate | string |
| max_src_conn_rates | string |
| tcpflags1 | string |
| tcpflags2 | string |
object (TCPFlags) | |
object (TCPFlags) | |
| tcpflags_any | boolean |
| icmptype | string |
| nopfsync | boolean |
| nosync | boolean |
| vlanprio | string |
| vlanprioset | string |
| dnpipe | string inbound pipe limiter |
| pdnpipe | string outbound pipe limiter |
| ackqueue | string acknowledgement shaper queue |
| defaultqueue | string default shaper queue |
| bridgeto | string ethernet rule, bridge to interface |
object (FWAddrPort) | |
| sched | string |
object (FWAddrPort) | |
| descr | string |
| srcmac | string source MAC address for ethernet rule |
| dstmac | string destination MAC address for ethernet rule |
object (FWFilterRuleNAT) | |
object (FWUserTimestamp) | |
object (FWUserTimestamp) | |
| associated_rule_id | string |
{- "id": "string",
- "fwids": "string",
- "disabled": true,
- "readonly": true,
- "floating": true,
- "ethernet": true,
- "gateway": "string",
- "tracker": "string",
- "type": "string",
- "interface": "string",
- "ipprotocol": "string",
- "tag": "string",
- "tagged": "string",
- "max": "string",
- "max_src_nodes": "string",
- "max_src_conn": "string",
- "max_src_states": "string",
- "statetimeout": "string",
- "statepolicy": "string",
- "statetype": "string",
- "state": {
- "id": "string",
- "tracker": "string",
- "label": "string",
- "evaluations": 0,
- "packets": 0,
- "bytes": 0,
- "states": 0,
- "pid": 0,
- "state_creations": 0
}, - "os": "string",
- "protocol": "string",
- "direction": "string",
- "quick": true,
- "log": true,
- "dscp": "string",
- "allowopts": true,
- "disablereplyto": true,
- "nottagged": true,
- "pflow": "string",
- "max_src_conn_rate": "string",
- "max_src_conn_rates": "string",
- "tcpflags1": "string",
- "tcpflags2": "string",
- "tcpflags1_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags2_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags_any": true,
- "icmptype": "string",
- "nopfsync": true,
- "nosync": true,
- "vlanprio": "string",
- "vlanprioset": "string",
- "dnpipe": "string",
- "pdnpipe": "string",
- "ackqueue": "string",
- "defaultqueue": "string",
- "bridgeto": "string",
- "source": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "sched": "string",
- "destination": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "descr": "string",
- "srcmac": "string",
- "dstmac": "string",
- "nat": {
- "enabled": true,
- "source": "string",
- "type": "string"
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "created": {
- "time": "string",
- "username": "string"
}, - "associated_rule_id": "string"
}{- "id": "string",
- "fwids": "string",
- "disabled": true,
- "readonly": true,
- "floating": true,
- "ethernet": true,
- "gateway": "string",
- "tracker": "string",
- "type": "string",
- "interface": "string",
- "ipprotocol": "string",
- "tag": "string",
- "tagged": "string",
- "max": "string",
- "max_src_nodes": "string",
- "max_src_conn": "string",
- "max_src_states": "string",
- "statetimeout": "string",
- "statepolicy": "string",
- "statetype": "string",
- "state": {
- "id": "string",
- "tracker": "string",
- "label": "string",
- "evaluations": 0,
- "packets": 0,
- "bytes": 0,
- "states": 0,
- "pid": 0,
- "state_creations": 0
}, - "os": "string",
- "protocol": "string",
- "direction": "string",
- "quick": true,
- "log": true,
- "dscp": "string",
- "allowopts": true,
- "disablereplyto": true,
- "nottagged": true,
- "pflow": "string",
- "max_src_conn_rate": "string",
- "max_src_conn_rates": "string",
- "tcpflags1": "string",
- "tcpflags2": "string",
- "tcpflags1_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags2_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags_any": true,
- "icmptype": "string",
- "nopfsync": true,
- "nosync": true,
- "vlanprio": "string",
- "vlanprioset": "string",
- "dnpipe": "string",
- "pdnpipe": "string",
- "ackqueue": "string",
- "defaultqueue": "string",
- "bridgeto": "string",
- "source": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "sched": "string",
- "destination": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "descr": "string",
- "srcmac": "string",
- "dstmac": "string",
- "nat": {
- "enabled": true,
- "source": "string",
- "type": "string"
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "created": {
- "time": "string",
- "username": "string"
}, - "associated_rule_id": "string"
}| interface required | string |
| id required | string |
| after | boolean |
object (FWFilterRule) |
{- "after": true,
- "rule": {
- "id": "string",
- "fwids": "string",
- "disabled": true,
- "readonly": true,
- "floating": true,
- "ethernet": true,
- "gateway": "string",
- "tracker": "string",
- "type": "string",
- "interface": "string",
- "ipprotocol": "string",
- "tag": "string",
- "tagged": "string",
- "max": "string",
- "max_src_nodes": "string",
- "max_src_conn": "string",
- "max_src_states": "string",
- "statetimeout": "string",
- "statepolicy": "string",
- "statetype": "string",
- "state": {
- "id": "string",
- "tracker": "string",
- "label": "string",
- "evaluations": 0,
- "packets": 0,
- "bytes": 0,
- "states": 0,
- "pid": 0,
- "state_creations": 0
}, - "os": "string",
- "protocol": "string",
- "direction": "string",
- "quick": true,
- "log": true,
- "dscp": "string",
- "allowopts": true,
- "disablereplyto": true,
- "nottagged": true,
- "pflow": "string",
- "max_src_conn_rate": "string",
- "max_src_conn_rates": "string",
- "tcpflags1": "string",
- "tcpflags2": "string",
- "tcpflags1_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags2_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags_any": true,
- "icmptype": "string",
- "nopfsync": true,
- "nosync": true,
- "vlanprio": "string",
- "vlanprioset": "string",
- "dnpipe": "string",
- "pdnpipe": "string",
- "ackqueue": "string",
- "defaultqueue": "string",
- "bridgeto": "string",
- "source": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "sched": "string",
- "destination": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "descr": "string",
- "srcmac": "string",
- "dstmac": "string",
- "nat": {
- "enabled": true,
- "source": "string",
- "type": "string"
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "created": {
- "time": "string",
- "username": "string"
}, - "associated_rule_id": "string"
}
}{- "id": "string",
- "fwids": "string",
- "disabled": true,
- "readonly": true,
- "floating": true,
- "ethernet": true,
- "gateway": "string",
- "tracker": "string",
- "type": "string",
- "interface": "string",
- "ipprotocol": "string",
- "tag": "string",
- "tagged": "string",
- "max": "string",
- "max_src_nodes": "string",
- "max_src_conn": "string",
- "max_src_states": "string",
- "statetimeout": "string",
- "statepolicy": "string",
- "statetype": "string",
- "state": {
- "id": "string",
- "tracker": "string",
- "label": "string",
- "evaluations": 0,
- "packets": 0,
- "bytes": 0,
- "states": 0,
- "pid": 0,
- "state_creations": 0
}, - "os": "string",
- "protocol": "string",
- "direction": "string",
- "quick": true,
- "log": true,
- "dscp": "string",
- "allowopts": true,
- "disablereplyto": true,
- "nottagged": true,
- "pflow": "string",
- "max_src_conn_rate": "string",
- "max_src_conn_rates": "string",
- "tcpflags1": "string",
- "tcpflags2": "string",
- "tcpflags1_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags2_struct": {
- "fin": true,
- "syn": true,
- "rst": true,
- "psh": true,
- "ack": true,
- "urg": true,
- "ece": true,
- "cwr": true
}, - "tcpflags_any": true,
- "icmptype": "string",
- "nopfsync": true,
- "nosync": true,
- "vlanprio": "string",
- "vlanprioset": "string",
- "dnpipe": "string",
- "pdnpipe": "string",
- "ackqueue": "string",
- "defaultqueue": "string",
- "bridgeto": "string",
- "source": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "sched": "string",
- "destination": {
- "label": "string",
- "address": "string",
- "network": "string",
- "port": "string",
- "not": true,
- "any": true,
- "alias_id": "string"
}, - "descr": "string",
- "srcmac": "string",
- "dstmac": "string",
- "nat": {
- "enabled": true,
- "source": "string",
- "type": "string"
}, - "updated": {
- "time": "string",
- "username": "string"
}, - "created": {
- "time": "string",
- "username": "string"
}, - "associated_rule_id": "string"
}| id | string |
| name | string |
| descr | string |
Array of objects (FWScheduleRange) | |
| schedlabel | string |
{- "id": "string",
- "name": "string",
- "descr": "string",
- "timerange": [
- {
- "position": "string",
- "month": "string",
- "day": "string",
- "hour": "string",
- "rangedescr": "string"
}
], - "schedlabel": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| id required | string |
| id | string |
| name | string |
| descr | string |
Array of objects (FWScheduleRange) | |
| schedlabel | string |
{- "id": "string",
- "name": "string",
- "descr": "string",
- "timerange": [
- {
- "position": "string",
- "month": "string",
- "day": "string",
- "hour": "string",
- "rangedescr": "string"
}
], - "schedlabel": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "altq": [
- {
- "enabled": true,
- "if_ident": "string",
- "name": "string",
- "scheduler": "HFSC",
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "if_assigned_name": "string",
- "qlimit": 0,
- "tbrsize": 0,
- "queue": [
- {
- "enabled": true,
- "name": "string",
- "if_ident": "string",
- "priority": 0,
- "qlimit": 0,
- "description": "string",
- "default": true,
- "red": true,
- "rio": true,
- "ecn": true,
- "codel": true,
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "upperlimit": true,
- "upperlimit_m1": "string",
- "upperlimit_d": "string",
- "upperlimit_m2": "string",
- "realtime": true,
- "realtime_m1": "string",
- "realtime_d": "string",
- "realtime_m2": "string",
- "linkshare": true,
- "linkshare_m1": "string",
- "linkshare_d": "string",
- "linkshare_m2": "string",
- "borrow": true,
- "buckets": 0,
- "hogs": "string",
- "queue": [
- { }
]
}
]
}
], - "altq_capable_ifs": [
- {
- "if_ident": "string",
- "if_device": "string",
- "if_assigned_name": "string"
}
], - "limiter": [
- {
- "enabled": true,
- "name": "string",
- "number": 0,
- "bandwidth": [
- {
- "bw": 0,
- "bwscale": "string",
- "bwsched": "string"
}
], - "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "sched": "wf2q+",
- "param_fq_codel_target": "string",
- "param_fq_codel_interval": "string",
- "param_fq_codel_quantum": "string",
- "param_fq_codel_limit": "string",
- "param_fq_codel_flows": "string",
- "param_fq_pie_target": "string",
- "param_fq_pie_tupdate": "string",
- "param_fq_pie_alpha": "string",
- "param_fq_pie_beta": "string",
- "param_fq_pie_max_burst": "string",
- "param_fq_pie_max_ecnth": "string",
- "param_fq_pie_quantum": "string",
- "param_fq_pie_limit": "string",
- "param_fq_pie_flows": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "delay": 0,
- "plr": 0.1,
- "buckets": 0,
- "queue": [
- {
- "enabled": true,
- "name": "string",
- "number": 0,
- "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "weight": 0,
- "plr": 0.1,
- "buckets": 0
}
]
}
]
}{- "altq": [
- {
- "enabled": true,
- "if_ident": "string",
- "name": "string",
- "scheduler": "HFSC",
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "if_assigned_name": "string",
- "qlimit": 0,
- "tbrsize": 0,
- "queue": [
- {
- "enabled": true,
- "name": "string",
- "if_ident": "string",
- "priority": 0,
- "qlimit": 0,
- "description": "string",
- "default": true,
- "red": true,
- "rio": true,
- "ecn": true,
- "codel": true,
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "upperlimit": true,
- "upperlimit_m1": "string",
- "upperlimit_d": "string",
- "upperlimit_m2": "string",
- "realtime": true,
- "realtime_m1": "string",
- "realtime_d": "string",
- "realtime_m2": "string",
- "linkshare": true,
- "linkshare_m1": "string",
- "linkshare_d": "string",
- "linkshare_m2": "string",
- "borrow": true,
- "buckets": 0,
- "hogs": "string",
- "queue": [
- { }
]
}
]
}
]
}| enabled | boolean |
| if_ident required | string identity of the interface for this traffic shaper (root queue) |
| name | string generated by system when create altq root queue |
| scheduler required | string Enum: "HFSC" "CBQ" "FAIRQ" "CODELQ" "PRIQ" scheduler type valid values = HFSC, CBQ, FAIRQ, CODELQ, PRIQ |
| bandwidth required | string the amount of bandwidth available on this interface in the outbound direction |
| bandwidthtype required | string Enum: "Kb" "Mb" "Gb" "b" "%" units for the bandwidth valid value = Kb, Mb, Gb, b, % |
| if_assigned_name | string human-readable display name of the interface (from interface description) |
| qlimit | integer the number of packets that can be held in a queue waiting to be transmitted by the shaper, default size is 50 |
| tbrsize | integer adjusts the size, in bytes, of the token bucket regulator |
Array of objects (ALTQChildQueue) |
{- "enabled": true,
- "if_ident": "string",
- "name": "string",
- "scheduler": "HFSC",
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "if_assigned_name": "string",
- "qlimit": 0,
- "tbrsize": 0,
- "queue": [
- {
- "enabled": true,
- "name": "string",
- "if_ident": "string",
- "priority": 0,
- "qlimit": 0,
- "description": "string",
- "default": true,
- "red": true,
- "rio": true,
- "ecn": true,
- "codel": true,
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "upperlimit": true,
- "upperlimit_m1": "string",
- "upperlimit_d": "string",
- "upperlimit_m2": "string",
- "realtime": true,
- "realtime_m1": "string",
- "realtime_d": "string",
- "realtime_m2": "string",
- "linkshare": true,
- "linkshare_m1": "string",
- "linkshare_d": "string",
- "linkshare_m2": "string",
- "borrow": true,
- "buckets": 0,
- "hogs": "string",
- "queue": [
- { }
]
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| enabled | boolean |
| if_ident required | string identity of the interface for this traffic shaper (root queue) |
| name | string generated by system when create altq root queue |
| scheduler required | string Enum: "HFSC" "CBQ" "FAIRQ" "CODELQ" "PRIQ" scheduler type valid values = HFSC, CBQ, FAIRQ, CODELQ, PRIQ |
| bandwidth required | string the amount of bandwidth available on this interface in the outbound direction |
| bandwidthtype required | string Enum: "Kb" "Mb" "Gb" "b" "%" units for the bandwidth valid value = Kb, Mb, Gb, b, % |
| if_assigned_name | string human-readable display name of the interface (from interface description) |
| qlimit | integer the number of packets that can be held in a queue waiting to be transmitted by the shaper, default size is 50 |
| tbrsize | integer adjusts the size, in bytes, of the token bucket regulator |
Array of objects (ALTQChildQueue) |
{- "enabled": true,
- "if_ident": "string",
- "name": "string",
- "scheduler": "HFSC",
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "if_assigned_name": "string",
- "qlimit": 0,
- "tbrsize": 0,
- "queue": [
- {
- "enabled": true,
- "name": "string",
- "if_ident": "string",
- "priority": 0,
- "qlimit": 0,
- "description": "string",
- "default": true,
- "red": true,
- "rio": true,
- "ecn": true,
- "codel": true,
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "upperlimit": true,
- "upperlimit_m1": "string",
- "upperlimit_d": "string",
- "upperlimit_m2": "string",
- "realtime": true,
- "realtime_m1": "string",
- "realtime_d": "string",
- "realtime_m2": "string",
- "linkshare": true,
- "linkshare_m1": "string",
- "linkshare_d": "string",
- "linkshare_m2": "string",
- "borrow": true,
- "buckets": 0,
- "hogs": "string",
- "queue": [
- { }
]
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| parentname required | string |
| enabled | boolean |
| name required | string name of the queue, do not use spaces and limit the size to 15 characters |
| if_ident | string generated by system when create altq child queue |
| priority | integer (for CBQ, FAIRQ, and PRIQ scheduler only) CBQ and FAIRQ 0-7 (default is 1), PRIQ 0-15 queues with a higher priority are preferred in the case of overload |
| qlimit | integer queue limit in packets |
| description | string |
| default | boolean set this queue as the default |
| red | boolean random early detection, a method to avoid congestion on a link |
| rio | boolean random early detection in and out, enables red with in/out |
| ecn | boolean explicit congestion notification, it allows sending of control messages that will throttle connections if both ends support ecn |
| codel | boolean a flag to mark this queue as being the active queue for the codel shaper discipline |
| bandwidth | string (for HFSC, CBQ, and FAIRQ scheduler only) the amount of bandwidth for this queue |
| bandwidthtype | string Enum: "Kb" "Mb" "Gb" "b" "%" (for HFSC, CBQ, and FAIRQ scheduler only) units for the bandwidth valid value = Kb, Mb, Gb, b, % |
| upperlimit | boolean (for HFSC scheduler only) max bandwidth for queue |
| upperlimit_m1 | string (for HFSC scheduler only) burstable bandwidth limit |
| upperlimit_d | string (for HFSC scheduler only) time limit for bandwidth burst, in milliseconds |
| upperlimit_m2 | string (for HFSC scheduler only) normal bandwidth limit |
| realtime | boolean (for HFSC scheduler only) min bandwidth for queue |
| realtime_m1 | string (for HFSC scheduler only) burstable bandwidth limit |
| realtime_d | string (for HFSC scheduler only) time limit for bandwidth burst, in milliseconds |
| realtime_m2 | string (for HFSC scheduler only) normal bandwidth limit |
| linkshare | boolean (for HFSC scheduler only) bandwidth share of a backlogged queue |
| linkshare_m1 | string (for HFSC scheduler only) burstable bandwidth limit |
| linkshare_d | string (for HFSC scheduler only) time limit for bandwidth burst, in milliseconds |
| linkshare_m2 | string (for HFSC scheduler only) normal bandwidth limit |
| borrow | boolean (for CBQ scheduler CBQ only) borrow from other queues when available |
| buckets | integer (for FAIRQ scheduler only) number of buckets available |
| hogs | string (for FAIRQ scheduler only) bandwidth limit for hosts to not saturate link |
| queue | Array of objects (ALTQChildQueue) |
{- "enabled": true,
- "name": "string",
- "if_ident": "string",
- "priority": 0,
- "qlimit": 0,
- "description": "string",
- "default": true,
- "red": true,
- "rio": true,
- "ecn": true,
- "codel": true,
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "upperlimit": true,
- "upperlimit_m1": "string",
- "upperlimit_d": "string",
- "upperlimit_m2": "string",
- "realtime": true,
- "realtime_m1": "string",
- "realtime_d": "string",
- "realtime_m2": "string",
- "linkshare": true,
- "linkshare_m1": "string",
- "linkshare_d": "string",
- "linkshare_m2": "string",
- "borrow": true,
- "buckets": 0,
- "hogs": "string",
- "queue": [
- { }
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| parentname required | string |
| qname required | string |
| enabled | boolean |
| name required | string name of the queue, do not use spaces and limit the size to 15 characters |
| if_ident | string generated by system when create altq child queue |
| priority | integer (for CBQ, FAIRQ, and PRIQ scheduler only) CBQ and FAIRQ 0-7 (default is 1), PRIQ 0-15 queues with a higher priority are preferred in the case of overload |
| qlimit | integer queue limit in packets |
| description | string |
| default | boolean set this queue as the default |
| red | boolean random early detection, a method to avoid congestion on a link |
| rio | boolean random early detection in and out, enables red with in/out |
| ecn | boolean explicit congestion notification, it allows sending of control messages that will throttle connections if both ends support ecn |
| codel | boolean a flag to mark this queue as being the active queue for the codel shaper discipline |
| bandwidth | string (for HFSC, CBQ, and FAIRQ scheduler only) the amount of bandwidth for this queue |
| bandwidthtype | string Enum: "Kb" "Mb" "Gb" "b" "%" (for HFSC, CBQ, and FAIRQ scheduler only) units for the bandwidth valid value = Kb, Mb, Gb, b, % |
| upperlimit | boolean (for HFSC scheduler only) max bandwidth for queue |
| upperlimit_m1 | string (for HFSC scheduler only) burstable bandwidth limit |
| upperlimit_d | string (for HFSC scheduler only) time limit for bandwidth burst, in milliseconds |
| upperlimit_m2 | string (for HFSC scheduler only) normal bandwidth limit |
| realtime | boolean (for HFSC scheduler only) min bandwidth for queue |
| realtime_m1 | string (for HFSC scheduler only) burstable bandwidth limit |
| realtime_d | string (for HFSC scheduler only) time limit for bandwidth burst, in milliseconds |
| realtime_m2 | string (for HFSC scheduler only) normal bandwidth limit |
| linkshare | boolean (for HFSC scheduler only) bandwidth share of a backlogged queue |
| linkshare_m1 | string (for HFSC scheduler only) burstable bandwidth limit |
| linkshare_d | string (for HFSC scheduler only) time limit for bandwidth burst, in milliseconds |
| linkshare_m2 | string (for HFSC scheduler only) normal bandwidth limit |
| borrow | boolean (for CBQ scheduler CBQ only) borrow from other queues when available |
| buckets | integer (for FAIRQ scheduler only) number of buckets available |
| hogs | string (for FAIRQ scheduler only) bandwidth limit for hosts to not saturate link |
| queue | Array of objects (ALTQChildQueue) |
{- "enabled": true,
- "name": "string",
- "if_ident": "string",
- "priority": 0,
- "qlimit": 0,
- "description": "string",
- "default": true,
- "red": true,
- "rio": true,
- "ecn": true,
- "codel": true,
- "bandwidth": "string",
- "bandwidthtype": "Kb",
- "upperlimit": true,
- "upperlimit_m1": "string",
- "upperlimit_d": "string",
- "upperlimit_m2": "string",
- "realtime": true,
- "realtime_m1": "string",
- "realtime_d": "string",
- "realtime_m2": "string",
- "linkshare": true,
- "linkshare_m1": "string",
- "linkshare_d": "string",
- "linkshare_m2": "string",
- "borrow": true,
- "buckets": 0,
- "hogs": "string",
- "queue": [
- { }
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| parentname required | string |
| qname required | string |
{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "limiter": [
- {
- "enabled": true,
- "name": "string",
- "number": 0,
- "bandwidth": [
- {
- "bw": 0,
- "bwscale": "string",
- "bwsched": "string"
}
], - "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "sched": "wf2q+",
- "param_fq_codel_target": "string",
- "param_fq_codel_interval": "string",
- "param_fq_codel_quantum": "string",
- "param_fq_codel_limit": "string",
- "param_fq_codel_flows": "string",
- "param_fq_pie_target": "string",
- "param_fq_pie_tupdate": "string",
- "param_fq_pie_alpha": "string",
- "param_fq_pie_beta": "string",
- "param_fq_pie_max_burst": "string",
- "param_fq_pie_max_ecnth": "string",
- "param_fq_pie_quantum": "string",
- "param_fq_pie_limit": "string",
- "param_fq_pie_flows": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "delay": 0,
- "plr": 0.1,
- "buckets": 0,
- "queue": [
- {
- "enabled": true,
- "name": "string",
- "number": 0,
- "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "weight": 0,
- "plr": 0.1,
- "buckets": 0
}
]
}
]
}| enabled | boolean |
| name required | string name of the limiter, it will appear for selection on firewall rules |
| number | integer generated by system when create limiter |
Array of objects (LimiterBandwidth) | |
| mask | string Enum: "none" "srcaddress" "dstaddress" controls how the limiter will mask addresses in the limiter valid values = none, srcaddress, dstaddress |
| maskbits | integer [ 1 .. 32 ] address masking for ipv4 |
| maskbitsv6 | integer [ 1 .. 128 ] address masking for ipv6 |
| description | string |
| aqm | string Enum: "droptail" "codel" "pie" "red" "gred" active queue management (AQM) algorithm valid values = droptail, codel, pie, red, gred |
| param_codel_target | string (for aqm=codel only) codel target delay in ms (set to "" to use default value) |
| param_codel_interval | string (for aqm=codel only) codel interval in ms (set to "" to use default value) |
| param_pie_target | string (for aqm=pie only) target delay in ms (set to "" to use default value) |
| param_pie_tupdate | string (for aqm=pie only) interval in ms (set to "" to use default value) |
| param_pie_alpha | string (for aqm=pie only) alpha (set to "" to use default value) |
| param_pie_beta | string (for aqm=pie only) beta (set to "" to use default value) |
| param_pie_max_burst | string (for aqm=pie only) max burst (set to "" to use default value) |
| param_pie_max_ecnth | string (for aqm=pie only) max ecnth (set to "" to use default value) |
| param_red_w_q | string (for aqm=red only) w_q (set to "" to use default value) |
| param_red_min_th | string (for aqm=red only) min_th (set to "" to use default value) |
| param_red_max_th | string (for aqm=red only) max_th (set to "" to use default value) |
| param_red_max_p | string (for aqm=red only) max_p (set to "" to use default value) |
| param_gred_w_q | string (for aqm=gred only) w_q (set to "" to use default value) |
| param_gred_min_th | string (for aqm=gred only) min_th (set to "" to use default value) |
| param_gred_max_th | string (for aqm=gred only) max_th (set to "" to use default value) |
| param_gred_max_p | string (for aqm=gred only) max_p (set to "" to use default value) |
| sched | string Enum: "wf2q+" "fifo" "qfq" "rr" "prio" "fq_codel" "fq_pie" scheduler manages the sequence of network packets in the limiter's queue valid values = wf2q+, fifo, qfq, rr, prio, fq_codel, fq_pie |
| param_fq_codel_target | string (for sched=fq_codel only) target delay in ms (set to "" to use default value) |
| param_fq_codel_interval | string (for sched=fq_codel only) interval in ms (set to "" to use default value) |
| param_fq_codel_quantum | string (for sched=fq_codel only) quantum (set to "" to use default value) |
| param_fq_codel_limit | string (for sched=fq_codel only) limit (set to "" to use default value) |
| param_fq_codel_flows | string (for sched=fq_codel only) flows (set to "" to use default value) |
| param_fq_pie_target | string (for sched=fq_pie only) target delay in ms (set to "" to use default value) |
| param_fq_pie_tupdate | string (for sched=fq_pie only) interval in ms (set to "" to use default value) |
| param_fq_pie_alpha | string (for sched=fq_pie only) alpha (set to "" to use default value) |
| param_fq_pie_beta | string (for sched=fq_pie only) beta (set to "" to use default value) |
| param_fq_pie_max_burst | string (for sched=fq_pie only) max burst (set to "" to use default value) |
| param_fq_pie_max_ecnth | string (for sched=fq_pie only) max ecnth (set to "" to use default value) |
| param_fq_pie_quantum | string (for sched=fq_pie only) quantum (set to "" to use default value) |
| param_fq_pie_limit | string (for sched=fq_pie only) limit (set to "" to use default value) |
| param_fq_pie_flows | string (for sched=fq_pie only) flows (set to "" to use default value) |
| ecn | boolean (for sched=fq_codel or fq_pie only) explicit congestion notification |
| pie_onoff | boolean (for sched=fq_pie only) turning pie on and off depending on queue load |
| pie_capdrop | boolean (for sched=fq_pie only) cap drop adjustment |
| pie_qdelay | boolean (for sched=fq_pie only) set queue delay type to timestamps (true) or departure rate estimation (false) |
| pie_pderand | boolean (for sched=fq_pie only) drop probability de-randomisation |
| qlimit | integer specifies the length of the limiter's queue, which the scheduler and AQM are responsible for |
| delay | integer introduces an artificial delay (latency), specified in milliseconds |
| plr | number <float> packet loss rate can be configured to drop a certain fraction of packets that enter the limiter valid value between 0 and 1 a value of 0.001 means one packet in 1000 gets dropped |
| buckets | integer bucket Size, specified in slots, sets the size of the hash table used for queue storage |
Array of objects (LimiterQueue) |
{- "enabled": true,
- "name": "string",
- "number": 0,
- "bandwidth": [
- {
- "bw": 0,
- "bwscale": "string",
- "bwsched": "string"
}
], - "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "sched": "wf2q+",
- "param_fq_codel_target": "string",
- "param_fq_codel_interval": "string",
- "param_fq_codel_quantum": "string",
- "param_fq_codel_limit": "string",
- "param_fq_codel_flows": "string",
- "param_fq_pie_target": "string",
- "param_fq_pie_tupdate": "string",
- "param_fq_pie_alpha": "string",
- "param_fq_pie_beta": "string",
- "param_fq_pie_max_burst": "string",
- "param_fq_pie_max_ecnth": "string",
- "param_fq_pie_quantum": "string",
- "param_fq_pie_limit": "string",
- "param_fq_pie_flows": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "delay": 0,
- "plr": 0.1,
- "buckets": 0,
- "queue": [
- {
- "enabled": true,
- "name": "string",
- "number": 0,
- "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "weight": 0,
- "plr": 0.1,
- "buckets": 0
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| enabled | boolean |
| name required | string name of the limiter, it will appear for selection on firewall rules |
| number | integer generated by system when create limiter |
Array of objects (LimiterBandwidth) | |
| mask | string Enum: "none" "srcaddress" "dstaddress" controls how the limiter will mask addresses in the limiter valid values = none, srcaddress, dstaddress |
| maskbits | integer [ 1 .. 32 ] address masking for ipv4 |
| maskbitsv6 | integer [ 1 .. 128 ] address masking for ipv6 |
| description | string |
| aqm | string Enum: "droptail" "codel" "pie" "red" "gred" active queue management (AQM) algorithm valid values = droptail, codel, pie, red, gred |
| param_codel_target | string (for aqm=codel only) codel target delay in ms (set to "" to use default value) |
| param_codel_interval | string (for aqm=codel only) codel interval in ms (set to "" to use default value) |
| param_pie_target | string (for aqm=pie only) target delay in ms (set to "" to use default value) |
| param_pie_tupdate | string (for aqm=pie only) interval in ms (set to "" to use default value) |
| param_pie_alpha | string (for aqm=pie only) alpha (set to "" to use default value) |
| param_pie_beta | string (for aqm=pie only) beta (set to "" to use default value) |
| param_pie_max_burst | string (for aqm=pie only) max burst (set to "" to use default value) |
| param_pie_max_ecnth | string (for aqm=pie only) max ecnth (set to "" to use default value) |
| param_red_w_q | string (for aqm=red only) w_q (set to "" to use default value) |
| param_red_min_th | string (for aqm=red only) min_th (set to "" to use default value) |
| param_red_max_th | string (for aqm=red only) max_th (set to "" to use default value) |
| param_red_max_p | string (for aqm=red only) max_p (set to "" to use default value) |
| param_gred_w_q | string (for aqm=gred only) w_q (set to "" to use default value) |
| param_gred_min_th | string (for aqm=gred only) min_th (set to "" to use default value) |
| param_gred_max_th | string (for aqm=gred only) max_th (set to "" to use default value) |
| param_gred_max_p | string (for aqm=gred only) max_p (set to "" to use default value) |
| sched | string Enum: "wf2q+" "fifo" "qfq" "rr" "prio" "fq_codel" "fq_pie" scheduler manages the sequence of network packets in the limiter's queue valid values = wf2q+, fifo, qfq, rr, prio, fq_codel, fq_pie |
| param_fq_codel_target | string (for sched=fq_codel only) target delay in ms (set to "" to use default value) |
| param_fq_codel_interval | string (for sched=fq_codel only) interval in ms (set to "" to use default value) |
| param_fq_codel_quantum | string (for sched=fq_codel only) quantum (set to "" to use default value) |
| param_fq_codel_limit | string (for sched=fq_codel only) limit (set to "" to use default value) |
| param_fq_codel_flows | string (for sched=fq_codel only) flows (set to "" to use default value) |
| param_fq_pie_target | string (for sched=fq_pie only) target delay in ms (set to "" to use default value) |
| param_fq_pie_tupdate | string (for sched=fq_pie only) interval in ms (set to "" to use default value) |
| param_fq_pie_alpha | string (for sched=fq_pie only) alpha (set to "" to use default value) |
| param_fq_pie_beta | string (for sched=fq_pie only) beta (set to "" to use default value) |
| param_fq_pie_max_burst | string (for sched=fq_pie only) max burst (set to "" to use default value) |
| param_fq_pie_max_ecnth | string (for sched=fq_pie only) max ecnth (set to "" to use default value) |
| param_fq_pie_quantum | string (for sched=fq_pie only) quantum (set to "" to use default value) |
| param_fq_pie_limit | string (for sched=fq_pie only) limit (set to "" to use default value) |
| param_fq_pie_flows | string (for sched=fq_pie only) flows (set to "" to use default value) |
| ecn | boolean (for sched=fq_codel or fq_pie only) explicit congestion notification |
| pie_onoff | boolean (for sched=fq_pie only) turning pie on and off depending on queue load |
| pie_capdrop | boolean (for sched=fq_pie only) cap drop adjustment |
| pie_qdelay | boolean (for sched=fq_pie only) set queue delay type to timestamps (true) or departure rate estimation (false) |
| pie_pderand | boolean (for sched=fq_pie only) drop probability de-randomisation |
| qlimit | integer specifies the length of the limiter's queue, which the scheduler and AQM are responsible for |
| delay | integer introduces an artificial delay (latency), specified in milliseconds |
| plr | number <float> packet loss rate can be configured to drop a certain fraction of packets that enter the limiter valid value between 0 and 1 a value of 0.001 means one packet in 1000 gets dropped |
| buckets | integer bucket Size, specified in slots, sets the size of the hash table used for queue storage |
Array of objects (LimiterQueue) |
{- "enabled": true,
- "name": "string",
- "number": 0,
- "bandwidth": [
- {
- "bw": 0,
- "bwscale": "string",
- "bwsched": "string"
}
], - "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "sched": "wf2q+",
- "param_fq_codel_target": "string",
- "param_fq_codel_interval": "string",
- "param_fq_codel_quantum": "string",
- "param_fq_codel_limit": "string",
- "param_fq_codel_flows": "string",
- "param_fq_pie_target": "string",
- "param_fq_pie_tupdate": "string",
- "param_fq_pie_alpha": "string",
- "param_fq_pie_beta": "string",
- "param_fq_pie_max_burst": "string",
- "param_fq_pie_max_ecnth": "string",
- "param_fq_pie_quantum": "string",
- "param_fq_pie_limit": "string",
- "param_fq_pie_flows": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "delay": 0,
- "plr": 0.1,
- "buckets": 0,
- "queue": [
- {
- "enabled": true,
- "name": "string",
- "number": 0,
- "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "weight": 0,
- "plr": 0.1,
- "buckets": 0
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| enabled | boolean |
| name required | string name of the limiter, it will appear for selection on firewall rules |
| number | integer generated by system when create limiter queue |
| mask | string Enum: "none" "srcaddress" "dstaddress" controls how the limiter will mask addresses in the queue valid values = none, srcaddress, dstaddress |
| maskbits | integer [ 1 .. 32 ] address masking for ipv4 |
| maskbitsv6 | integer [ 1 .. 128 ] address masking for ipv6 |
| description | string |
| aqm | string Enum: "droptail" "codel" "pie" "red" "gred" active queue management (AQM) algorithm valid values = droptail, codel, pie, red, gred |
| param_codel_target | string (for aqm=codel only) codel target delay in ms (set to "" to use default value) |
| param_codel_interval | string (for aqm=codel only) codel interval in ms (set to "" to use default value) |
| param_pie_target | string (for aqm=pie only) target delay in ms (set to "" to use default value) |
| param_pie_tupdate | string (for aqm=pie only) interval in ms (set to "" to use default value) |
| param_pie_alpha | string (for aqm=pie only) alpha (set to "" to use default value) |
| param_pie_beta | string (for aqm=pie only) beta (set to "" to use default value) |
| param_pie_max_burst | string (for aqm=pie only) max burst (set to "" to use default value) |
| param_pie_max_ecnth | string (for aqm=pie only) max ecnth (set to "" to use default value) |
| param_red_w_q | string (for aqm=red only) w_q (set to "" to use default value) |
| param_red_min_th | string (for aqm=red only) min_th (set to "" to use default value) |
| param_red_max_th | string (for aqm=red only) max_th (set to "" to use default value) |
| param_red_max_p | string (for aqm=red only) max_p (set to "" to use default value) |
| param_gred_w_q | string (for aqm=gred only) w_q (set to "" to use default value) |
| param_gred_min_th | string (for aqm=gred only) min_th (set to "" to use default value) |
| param_gred_max_th | string (for aqm=gred only) max_th (set to "" to use default value) |
| param_gred_max_p | string (for aqm=gred only) max_p (set to "" to use default value) |
| ecn | boolean (for aqm=codel, pie, red, or gred only) explicit congestion notification |
| pie_onoff | boolean (for aqm=pie only) turning pie on and off depending on queue load |
| pie_capdrop | boolean (for aqm=pie only) cap drop adjustment |
| pie_qdelay | boolean (for aqm=pie only) set queue delay type to timestamps (true) or departure rate estimation (false) |
| pie_pderand | boolean (for aqm=pie only) drop probability de-randomisation |
| qlimit | integer specifies the length of this queue, which the AQM is responsible for |
| weight | integer this value can range from 1 to 100, higher values give more precedence to packets in a given queue |
| plr | number <float> packet loss rate can be configured to drop a certain fraction of packets that enter the limiter valid value between 0 and 1 a value of 0.001 means one packet in 1000 gets dropped |
| buckets | integer bucket Size, specified in slots, sets the size of the hash table used for queue storage |
{- "enabled": true,
- "name": "string",
- "number": 0,
- "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "weight": 0,
- "plr": 0.1,
- "buckets": 0
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| qname required | string |
| enabled | boolean |
| name required | string name of the limiter, it will appear for selection on firewall rules |
| number | integer generated by system when create limiter queue |
| mask | string Enum: "none" "srcaddress" "dstaddress" controls how the limiter will mask addresses in the queue valid values = none, srcaddress, dstaddress |
| maskbits | integer [ 1 .. 32 ] address masking for ipv4 |
| maskbitsv6 | integer [ 1 .. 128 ] address masking for ipv6 |
| description | string |
| aqm | string Enum: "droptail" "codel" "pie" "red" "gred" active queue management (AQM) algorithm valid values = droptail, codel, pie, red, gred |
| param_codel_target | string (for aqm=codel only) codel target delay in ms (set to "" to use default value) |
| param_codel_interval | string (for aqm=codel only) codel interval in ms (set to "" to use default value) |
| param_pie_target | string (for aqm=pie only) target delay in ms (set to "" to use default value) |
| param_pie_tupdate | string (for aqm=pie only) interval in ms (set to "" to use default value) |
| param_pie_alpha | string (for aqm=pie only) alpha (set to "" to use default value) |
| param_pie_beta | string (for aqm=pie only) beta (set to "" to use default value) |
| param_pie_max_burst | string (for aqm=pie only) max burst (set to "" to use default value) |
| param_pie_max_ecnth | string (for aqm=pie only) max ecnth (set to "" to use default value) |
| param_red_w_q | string (for aqm=red only) w_q (set to "" to use default value) |
| param_red_min_th | string (for aqm=red only) min_th (set to "" to use default value) |
| param_red_max_th | string (for aqm=red only) max_th (set to "" to use default value) |
| param_red_max_p | string (for aqm=red only) max_p (set to "" to use default value) |
| param_gred_w_q | string (for aqm=gred only) w_q (set to "" to use default value) |
| param_gred_min_th | string (for aqm=gred only) min_th (set to "" to use default value) |
| param_gred_max_th | string (for aqm=gred only) max_th (set to "" to use default value) |
| param_gred_max_p | string (for aqm=gred only) max_p (set to "" to use default value) |
| ecn | boolean (for aqm=codel, pie, red, or gred only) explicit congestion notification |
| pie_onoff | boolean (for aqm=pie only) turning pie on and off depending on queue load |
| pie_capdrop | boolean (for aqm=pie only) cap drop adjustment |
| pie_qdelay | boolean (for aqm=pie only) set queue delay type to timestamps (true) or departure rate estimation (false) |
| pie_pderand | boolean (for aqm=pie only) drop probability de-randomisation |
| qlimit | integer specifies the length of this queue, which the AQM is responsible for |
| weight | integer this value can range from 1 to 100, higher values give more precedence to packets in a given queue |
| plr | number <float> packet loss rate can be configured to drop a certain fraction of packets that enter the limiter valid value between 0 and 1 a value of 0.001 means one packet in 1000 gets dropped |
| buckets | integer bucket Size, specified in slots, sets the size of the hash table used for queue storage |
{- "enabled": true,
- "name": "string",
- "number": 0,
- "mask": "none",
- "maskbits": 1,
- "maskbitsv6": 1,
- "description": "string",
- "aqm": "droptail",
- "param_codel_target": "string",
- "param_codel_interval": "string",
- "param_pie_target": "string",
- "param_pie_tupdate": "string",
- "param_pie_alpha": "string",
- "param_pie_beta": "string",
- "param_pie_max_burst": "string",
- "param_pie_max_ecnth": "string",
- "param_red_w_q": "string",
- "param_red_min_th": "string",
- "param_red_max_th": "string",
- "param_red_max_p": "string",
- "param_gred_w_q": "string",
- "param_gred_min_th": "string",
- "param_gred_max_th": "string",
- "param_gred_max_p": "string",
- "ecn": true,
- "pie_onoff": true,
- "pie_capdrop": true,
- "pie_qdelay": true,
- "pie_pderand": true,
- "qlimit": 0,
- "weight": 0,
- "plr": 0.1,
- "buckets": 0
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "virtualips": [
- {
- "mode": "string",
- "interface": "string",
- "vhid": 0,
- "advskew": 0,
- "advbase": 0,
- "password": "string",
- "password_confirm": "string",
- "uniqid": "string",
- "descr": "string",
- "subnet": "string",
- "id": "string",
- "carp_mode": "string",
- "carp_peer": "string"
}
], - "interfaces": [
- {
- "text": "string",
- "value": "string"
}
]
}| mode | string |
| interface | string |
| vhid | integer |
| advskew | integer |
| advbase | integer |
| password | string |
| password_confirm | string |
| uniqid | string |
| descr | string |
| subnet | string |
| id | string |
| carp_mode | string |
| carp_peer | string |
{- "mode": "string",
- "interface": "string",
- "vhid": 0,
- "advskew": 0,
- "advbase": 0,
- "password": "string",
- "password_confirm": "string",
- "uniqid": "string",
- "descr": "string",
- "subnet": "string",
- "id": "string",
- "carp_mode": "string",
- "carp_peer": "string"
}{- "id": "string"
}| id required | string |
| mode | string |
| interface | string |
| vhid | integer |
| advskew | integer |
| advbase | integer |
| password | string |
| password_confirm | string |
| uniqid | string |
| descr | string |
| subnet | string |
| id | string |
| carp_mode | string |
| carp_peer | string |
{- "mode": "string",
- "interface": "string",
- "vhid": 0,
- "advskew": 0,
- "advbase": 0,
- "password": "string",
- "password_confirm": "string",
- "uniqid": "string",
- "descr": "string",
- "subnet": "string",
- "id": "string",
- "carp_mode": "string",
- "carp_peer": "string"
}{- "id": "string"
}The Controller Summary payload which is provided to a remote pfSense device to store in its configuration and is used for it establish a MIM VPN connection to the controller.
{- "mode_active": true,
- "name": "string",
- "key": "string",
- "vpn_pubkey": "string",
- "vpn_listenaddr": "string",
- "vpn_address": "string",
- "vpn_prefix": "string",
- "vpn_netkey": "string"
}| detailed | boolean |
{- "device_pubkey": "string",
- "controllers": [
- {
- "name": "string",
- "key": "string",
- "cert": "string",
- "vpn_listenaddr": "string",
- "vpn_address": "string",
- "vpn_pubkey": "string",
- "vpn_netkey": "string",
- "vpn_prefix": "string",
- "tag": "string",
- "noise_secret": "string",
- "device_pubkey": "string",
- "device_vpn": {
- "vpn_listenaddr": "string",
- "vpn_address": "string",
- "vpn_pubkey": "string",
- "vpn_netkey": "string",
- "vpn_prefix": "string",
- "vpn_state": "string",
- "vpn_conn_start": 0,
- "vpn_conn_stop": 0,
- "vpn_conn_attempt": 0
}
}
]
}Adding the controller will initiate a Netgard connection to it. The device will continue to issue a connection request every 10 seconds while the Controller has not added the device to its configuration.
| name | string |
| key | string |
| cert | string |
| vpn_listenaddr | string |
| vpn_address | string |
| vpn_pubkey | string |
| vpn_netkey | string |
| vpn_prefix | string |
| oldkey | string |
| regentokens | boolean |
{- "name": "string",
- "key": "string",
- "cert": "string",
- "vpn_listenaddr": "string",
- "vpn_address": "string",
- "vpn_pubkey": "string",
- "vpn_netkey": "string",
- "vpn_prefix": "string",
- "oldkey": "string",
- "regentokens": true
}{- "name": "string",
- "key": "string",
- "cert": "string",
- "vpn_listenaddr": "string",
- "vpn_address": "string",
- "vpn_pubkey": "string",
- "vpn_netkey": "string",
- "vpn_prefix": "string",
- "tag": "string",
- "noise_secret": "string",
- "device_pubkey": "string",
- "device_vpn": {
- "vpn_listenaddr": "string",
- "vpn_address": "string",
- "vpn_pubkey": "string",
- "vpn_netkey": "string",
- "vpn_prefix": "string",
- "vpn_state": "string",
- "vpn_conn_start": 0,
- "vpn_conn_stop": 0,
- "vpn_conn_attempt": 0
}
}{- "name": "string",
- "key": "string",
- "cert": "string",
- "vpn_listenaddr": "string",
- "vpn_address": "string",
- "vpn_pubkey": "string",
- "vpn_netkey": "string",
- "vpn_prefix": "string",
- "tag": "string",
- "noise_secret": "string",
- "device_pubkey": "string",
- "device_vpn": {
- "vpn_listenaddr": "string",
- "vpn_address": "string",
- "vpn_pubkey": "string",
- "vpn_netkey": "string",
- "vpn_prefix": "string",
- "vpn_state": "string",
- "vpn_conn_start": 0,
- "vpn_conn_stop": 0,
- "vpn_conn_attempt": 0
}
}Get the required information for the MiM controller to manage this device. It includes this device's public keys for API Noise handshaking and VPN connection.
{- "name": "string",
- "alias": "string",
- "device_type": "string",
- "type": "string",
- "pubkey": "string",
- "address": "string",
- "vpn_pubkey": "string",
- "vpn_address": "string",
- "vpn_prefix": "string",
- "vpn_netkey": "string",
- "vpn_listenaddr": "string",
- "tags": [
- "string"
], - "devinfo": {
- "hostname": "string",
- "uptime": 0,
- "network_ports": [
- {
- "name": "string",
- "identity": "string",
- "device": "string",
- "assigned": "string",
- "link_speed": 0,
- "phy_speed": 0,
- "state": "string",
- "vlan": 0,
- "device_info": "string",
- "is_physical": true,
- "is_switchport": true,
- "addresses": [
- "string"
], - "label": "string"
}
], - "services": [
- {
- "type": "string",
- "name": "string",
- "enabled": true
}
], - "product": "string",
- "product_version": "string",
- "product_build": "string",
- "os_name": "string",
- "os_version": "string",
- "cpu": "string",
- "cpu_usage": 0,
- "memory": 0,
- "memory_usage": 0,
- "disk_usage": 0,
- "model": "string",
- "vendor": "string",
- "serial": "string",
- "hw_uuid": "string",
- "gateways": [
- "string"
], - "license": {
- "id": "string",
- "expiration": "string",
- "expired": true,
- "features": [
- {
- "name": "string",
- "value": "string",
- "source": "string",
- "stop": 0
}
]
}
}, - "controller_add": "string"
}The ED25519 public key set to the device is used for secure Noise handshaking
between the controller and the device to ensure the establish trust. The public
key part is exported in the DeviceIdentity structure and is what should be
updated on the controller when this device's key is changed.
This function is intended to be used on the device to change its ED25519 public key.
| keytype | string |
| privkey | string |
| pubkey | string |
{- "keytype": "string",
- "privkey": "string",
- "pubkey": "string"
}{- "keytype": "string",
- "privkey": "string",
- "pubkey": "string"
}{- "devices": [
- {
- "name": "string",
- "alias": "string",
- "device_id": "string",
- "device_type": "string",
- "device_key": "string",
- "tags": [
- "string"
], - "address": "string",
- "address6": "string",
- "gateways": [
- "string"
], - "primary_auth": "string",
- "auth": {
- "vpn_pubkey": "string",
- "vpn_address": "string",
- "vpn_listenaddr": "string",
- "cert": "string"
}, - "controller": {
- "pubkey": "string",
- "vpn_ep_address": "string",
- "vpn_addr": "string"
}, - "mim_path": [
- "string"
], - "mim_depth": 0,
- "mim_devices": 0,
- "state": "string",
- "added_ts": 0,
- "added": "string",
- "device_cert": "string",
- "sys_info": {
- "hostname": "string",
- "uptime": 0,
- "network_ports": [
- {
- "name": "string",
- "identity": "string",
- "device": "string",
- "assigned": "string",
- "link_speed": 0,
- "phy_speed": 0,
- "state": "string",
- "vlan": 0,
- "device_info": "string",
- "is_physical": true,
- "is_switchport": true,
- "addresses": [
- "string"
], - "label": "string"
}
], - "services": [
- {
- "type": "string",
- "name": "string",
- "enabled": true
}
], - "product": "string",
- "product_version": "string",
- "product_build": "string",
- "os_name": "string",
- "os_version": "string",
- "cpu": "string",
- "cpu_usage": 0,
- "memory": 0,
- "memory_usage": 0,
- "disk_usage": 0,
- "model": "string",
- "vendor": "string",
- "serial": "string",
- "hw_uuid": "string",
- "gateways": [
- "string"
], - "license": {
- "id": "string",
- "expiration": "string",
- "expired": true,
- "features": [
- {
- "name": "string",
- "value": "string",
- "source": "string",
- "stop": 0
}
]
}
}
}
]
}| name | string name of device |
| alias | string another alias for the device |
| device_type | string device type, eg pfsense |
| type | string alias to device_type |
| pubkey | string public key identity of device |
| address | string device's API URL, e.g. https://0.0.0.0:8443 |
| vpn_pubkey | string VPN public key |
| vpn_address | string MIM VPN address |
| vpn_prefix | string MIM VPN address subnet |
| vpn_netkey | string MIM VPN netkey |
| vpn_listenaddr | string MIM listening address:port |
| tags | Array of strings |
object (ControlledDeviceInfo) Additional information about the device | |
| controller_add | string API command that can be used to add the device to the controller |
{- "name": "string",
- "alias": "string",
- "device_type": "string",
- "type": "string",
- "pubkey": "string",
- "address": "string",
- "vpn_pubkey": "string",
- "vpn_address": "string",
- "vpn_prefix": "string",
- "vpn_netkey": "string",
- "vpn_listenaddr": "string",
- "tags": [
- "string"
], - "devinfo": {
- "hostname": "string",
- "uptime": 0,
- "network_ports": [
- {
- "name": "string",
- "identity": "string",
- "device": "string",
- "assigned": "string",
- "link_speed": 0,
- "phy_speed": 0,
- "state": "string",
- "vlan": 0,
- "device_info": "string",
- "is_physical": true,
- "is_switchport": true,
- "addresses": [
- "string"
], - "label": "string"
}
], - "services": [
- {
- "type": "string",
- "name": "string",
- "enabled": true
}
], - "product": "string",
- "product_version": "string",
- "product_build": "string",
- "os_name": "string",
- "os_version": "string",
- "cpu": "string",
- "cpu_usage": 0,
- "memory": 0,
- "memory_usage": 0,
- "disk_usage": 0,
- "model": "string",
- "vendor": "string",
- "serial": "string",
- "hw_uuid": "string",
- "gateways": [
- "string"
], - "license": {
- "id": "string",
- "expiration": "string",
- "expired": true,
- "features": [
- {
- "name": "string",
- "value": "string",
- "source": "string",
- "stop": 0
}
]
}
}, - "controller_add": "string"
}{- "name": "string",
- "alias": "string",
- "device_id": "string",
- "device_type": "string",
- "tags": [
- "string"
], - "address": "string",
- "address6": "string",
- "primary_auth": "string",
- "auth": {
- "vpn_pubkey": "string",
- "vpn_address": "string",
- "vpn_listenaddr": "string",
- "cert": "string"
}, - "state": "string",
- "device_cert": "string",
- "device_key": "string",
- "device_info": {
- "hostname": "string",
- "uptime": 0,
- "network_ports": [
- {
- "name": "string",
- "identity": "string",
- "device": "string",
- "assigned": "string",
- "link_speed": 0,
- "phy_speed": 0,
- "state": "string",
- "vlan": 0,
- "device_info": "string",
- "is_physical": true,
- "is_switchport": true,
- "addresses": [
- "string"
], - "label": "string"
}
], - "services": [
- {
- "type": "string",
- "name": "string",
- "enabled": true
}
], - "product": "string",
- "product_version": "string",
- "product_build": "string",
- "os_name": "string",
- "os_version": "string",
- "cpu": "string",
- "cpu_usage": 0,
- "memory": 0,
- "memory_usage": 0,
- "disk_usage": 0,
- "model": "string",
- "vendor": "string",
- "serial": "string",
- "hw_uuid": "string",
- "gateways": [
- "string"
], - "license": {
- "id": "string",
- "expiration": "string",
- "expired": true,
- "features": [
- {
- "name": "string",
- "value": "string",
- "source": "string",
- "stop": 0
}
]
}
}
}| name | string |
| key | string |
| cert | string |
| ca_cert | string |
object (ControlledDeviceCertOptions) |
{- "name": "string",
- "key": "string",
- "cert": "string",
- "ca_cert": "string",
- "options": {
- "organization": "string",
- "country": "string",
- "province": "string",
- "locality": "string",
- "street_addr": "string",
- "postal_code": "string",
- "ip_addresses": [
- "string"
], - "expiry_days": 0
}
}{- "name": "string",
- "key": "string",
- "cert": "string",
- "ca_cert": "string"
}{- "name": "string",
- "alias": "string",
- "device_id": "string",
- "device_type": "string",
- "device_key": "string",
- "tags": [
- "string"
], - "address": "string",
- "address6": "string",
- "gateways": [
- "string"
], - "primary_auth": "string",
- "auth": {
- "vpn_pubkey": "string",
- "vpn_address": "string",
- "vpn_listenaddr": "string",
- "cert": "string"
}, - "controller": {
- "pubkey": "string",
- "vpn_ep_address": "string",
- "vpn_addr": "string"
}, - "mim_path": [
- "string"
], - "mim_depth": 0,
- "mim_devices": 0,
- "state": "string",
- "added_ts": 0,
- "added": "string",
- "device_cert": "string",
- "sys_info": {
- "hostname": "string",
- "uptime": 0,
- "network_ports": [
- {
- "name": "string",
- "identity": "string",
- "device": "string",
- "assigned": "string",
- "link_speed": 0,
- "phy_speed": 0,
- "state": "string",
- "vlan": 0,
- "device_info": "string",
- "is_physical": true,
- "is_switchport": true,
- "addresses": [
- "string"
], - "label": "string"
}
], - "services": [
- {
- "type": "string",
- "name": "string",
- "enabled": true
}
], - "product": "string",
- "product_version": "string",
- "product_build": "string",
- "os_name": "string",
- "os_version": "string",
- "cpu": "string",
- "cpu_usage": 0,
- "memory": 0,
- "memory_usage": 0,
- "disk_usage": 0,
- "model": "string",
- "vendor": "string",
- "serial": "string",
- "hw_uuid": "string",
- "gateways": [
- "string"
], - "license": {
- "id": "string",
- "expiration": "string",
- "expired": true,
- "features": [
- {
- "name": "string",
- "value": "string",
- "source": "string",
- "stop": 0
}
]
}
}
}| device_id required | string |
| name | string |
| alias | string |
| device_id | string |
| device_type | string |
| tags | Array of strings |
| address | string |
| address6 | string |
| primary_auth | string |
object (ControlledDeviceAuth) | |
| state | string current device state: active, error, offline, rebooting, pending (pending auth) |
| device_cert | string recorded value of device certificate |
| device_key | string public key of device |
object (ControlledDeviceInfo) Additional information about the device |
{- "name": "string",
- "alias": "string",
- "device_id": "string",
- "device_type": "string",
- "tags": [
- "string"
], - "address": "string",
- "address6": "string",
- "primary_auth": "string",
- "auth": {
- "vpn_pubkey": "string",
- "vpn_address": "string",
- "vpn_listenaddr": "string",
- "cert": "string"
}, - "state": "string",
- "device_cert": "string",
- "device_key": "string",
- "device_info": {
- "hostname": "string",
- "uptime": 0,
- "network_ports": [
- {
- "name": "string",
- "identity": "string",
- "device": "string",
- "assigned": "string",
- "link_speed": 0,
- "phy_speed": 0,
- "state": "string",
- "vlan": 0,
- "device_info": "string",
- "is_physical": true,
- "is_switchport": true,
- "addresses": [
- "string"
], - "label": "string"
}
], - "services": [
- {
- "type": "string",
- "name": "string",
- "enabled": true
}
], - "product": "string",
- "product_version": "string",
- "product_build": "string",
- "os_name": "string",
- "os_version": "string",
- "cpu": "string",
- "cpu_usage": 0,
- "memory": 0,
- "memory_usage": 0,
- "disk_usage": 0,
- "model": "string",
- "vendor": "string",
- "serial": "string",
- "hw_uuid": "string",
- "gateways": [
- "string"
], - "license": {
- "id": "string",
- "expiration": "string",
- "expired": true,
- "features": [
- {
- "name": "string",
- "value": "string",
- "source": "string",
- "stop": 0
}
]
}
}
}{- "name": "string",
- "alias": "string",
- "device_id": "string",
- "device_type": "string",
- "tags": [
- "string"
], - "address": "string",
- "address6": "string",
- "primary_auth": "string",
- "auth": {
- "vpn_pubkey": "string",
- "vpn_address": "string",
- "vpn_listenaddr": "string",
- "cert": "string"
}, - "state": "string",
- "device_cert": "string",
- "device_key": "string",
- "device_info": {
- "hostname": "string",
- "uptime": 0,
- "network_ports": [
- {
- "name": "string",
- "identity": "string",
- "device": "string",
- "assigned": "string",
- "link_speed": 0,
- "phy_speed": 0,
- "state": "string",
- "vlan": 0,
- "device_info": "string",
- "is_physical": true,
- "is_switchport": true,
- "addresses": [
- "string"
], - "label": "string"
}
], - "services": [
- {
- "type": "string",
- "name": "string",
- "enabled": true
}
], - "product": "string",
- "product_version": "string",
- "product_build": "string",
- "os_name": "string",
- "os_version": "string",
- "cpu": "string",
- "cpu_usage": 0,
- "memory": 0,
- "memory_usage": 0,
- "disk_usage": 0,
- "model": "string",
- "vendor": "string",
- "serial": "string",
- "hw_uuid": "string",
- "gateways": [
- "string"
], - "license": {
- "id": "string",
- "expiration": "string",
- "expired": true,
- "features": [
- {
- "name": "string",
- "value": "string",
- "source": "string",
- "stop": 0
}
]
}
}
}| device_id | string ID of device |
| duration | integer optional number of seconds to run each upload/download test for, default 10 |
| upload_mb | integer optional number of MB to send to device, default 100. Duration has priority. |
| download_mb | integer optional number of MB to receive from device, default 10. Duration has priority. |
{- "device_id": "string",
- "duration": 0,
- "upload_mb": 0,
- "download_mb": 0
}{- "errors": "string",
- "device_id": "string",
- "duration": 0,
- "upload_mps": 0.1,
- "download_mps": 0.1
}{- "tags": {
- "property1": [
- {
- "device_id": "string",
- "alias": "string",
- "name": "string",
- "addresses": [
- "string"
]
}
], - "property2": [
- {
- "device_id": "string",
- "alias": "string",
- "name": "string",
- "addresses": [
- "string"
]
}
]
}
}| tags | Array of strings |
| devices | Array of strings |
| action | string |
{- "tags": [
- "string"
], - "devices": [
- "string"
], - "action": "string"
}{- "result": "string"
}| tag required | string |
| device_id required | string |
{- "name": "string",
- "alias": "string",
- "device_id": "string",
- "device_type": "string",
- "tags": [
- "string"
], - "address": "string",
- "address6": "string",
- "primary_auth": "string",
- "auth": {
- "vpn_pubkey": "string",
- "vpn_address": "string",
- "vpn_listenaddr": "string",
- "cert": "string"
}, - "state": "string",
- "device_cert": "string",
- "device_key": "string",
- "device_info": {
- "hostname": "string",
- "uptime": 0,
- "network_ports": [
- {
- "name": "string",
- "identity": "string",
- "device": "string",
- "assigned": "string",
- "link_speed": 0,
- "phy_speed": 0,
- "state": "string",
- "vlan": 0,
- "device_info": "string",
- "is_physical": true,
- "is_switchport": true,
- "addresses": [
- "string"
], - "label": "string"
}
], - "services": [
- {
- "type": "string",
- "name": "string",
- "enabled": true
}
], - "product": "string",
- "product_version": "string",
- "product_build": "string",
- "os_name": "string",
- "os_version": "string",
- "cpu": "string",
- "cpu_usage": 0,
- "memory": 0,
- "memory_usage": 0,
- "disk_usage": 0,
- "model": "string",
- "vendor": "string",
- "serial": "string",
- "hw_uuid": "string",
- "gateways": [
- "string"
], - "license": {
- "id": "string",
- "expiration": "string",
- "expired": true,
- "features": [
- {
- "name": "string",
- "value": "string",
- "source": "string",
- "stop": 0
}
]
}
}
}| destination | string Address of the destination host |
| count | integer Number of pings to send and listen for |
| iface | string Interface friendly name |
{- "destination": "string",
- "count": 0,
- "iface": "string"
}{- "stdout": "string"
}{- "clients": [
- {
- "clientip": "string",
- "clientipversion": "string",
- "clientshortname": "string",
- "clientsharedsecret": "string",
- "clientproto": "string",
- "clientnastype": "string",
- "requiremessageauthenticator": "string",
- "clientmaxconnections": "string",
- "clientlogininput": "string",
- "clientpasswordinput": "string",
- "description": "string",
- "id": "string"
}
]
}| clientip | string (General Configuration) Client IP Address Enter the IP address or network of the RADIUS client(s) in CIDR notation. This is the IP of the NAS (switch, access point, firewall, router, etc.). |
| clientipversion | string (General Configuration) Client IP Version (ipaddr, ipv6addr) |
| clientshortname | string (General Configuration) Client Shortname Enter a short name for the client. This is generally the hostname of the NAS. |
| clientsharedsecret | string (General Configuration) Client Shared Secret Enter the shared secret of the RADIUS client here. This is the shared secret (password) which the NAS (switch, accesspoint, etc.) needs to communicate with the RADIUS server. FreeRADIUS is limited to 31 characters for the shared secret. Warning: Single quotes in shared secret must be escaped with a backslash ('). Backslash must be escaped by using two backslashes (\). |
| clientproto | string (Miscellaneous Configuration) Client Protocol (udp, tcp) Enter the protocol the client uses. (Default: UDP) |
| clientnastype | string (Miscellaneous Configuration) Client Type (cisco, cvx, computone, digitro, livingston, juniper, max40xx, mikrotik, mikrotik_snmp, multitech, netserver, pathras, pr3000, pr4000, patton, portslave, redback, tc, usrhiper, versanet, dot1x, other) Enter the NAS type of the client. This is used by checkrad.pl for simultaneous use checks. (Default: other) |
| requiremessageauthenticator | string (Miscellaneous Configuration) Require Message Authenticator (no, yes) RFC5080 requires Message-Authenticator in Access-Request. But older NAS (switches or accesspoints) do not include that. (Default: no) |
| clientmaxconnections | string (Miscellaneous Configuration) Max Connections Takes only effect if you use TCP as protocol. Limits the number of simultaneous TCP connections from a client. (Default 16) |
| clientlogininput | string (Miscellaneous Configuration) NAS Login If supported by your NAS, you can use SNMP or finger for simultaneous-use checks instead of (s)radutmp file and accounting. Leave empty to choose (s)radutmp. (Default: empty) |
| clientpasswordinput | string (Miscellaneous Configuration) NAS Password If supported by your NAS, you can use SNMP or finger for simultaneous-use checks instead of (s)radutmp file and accounting. Leave empty to choose (s)radutmp. (Default: empty) |
| description | string (Miscellaneous Configuration) Description Enter any description you like for this client. |
| id | string (readonly) ID assigned to this entry |
{- "clientip": "string",
- "clientipversion": "string",
- "clientshortname": "string",
- "clientsharedsecret": "string",
- "clientproto": "string",
- "clientnastype": "string",
- "requiremessageauthenticator": "string",
- "clientmaxconnections": "string",
- "clientlogininput": "string",
- "clientpasswordinput": "string",
- "description": "string",
- "id": "string"
}{- "clientip": "string",
- "clientipversion": "string",
- "clientshortname": "string",
- "clientsharedsecret": "string",
- "clientproto": "string",
- "clientnastype": "string",
- "requiremessageauthenticator": "string",
- "clientmaxconnections": "string",
- "clientlogininput": "string",
- "clientpasswordinput": "string",
- "description": "string",
- "id": "string"
}| id required | string |
| clientip | string (General Configuration) Client IP Address Enter the IP address or network of the RADIUS client(s) in CIDR notation. This is the IP of the NAS (switch, access point, firewall, router, etc.). |
| clientipversion | string (General Configuration) Client IP Version (ipaddr, ipv6addr) |
| clientshortname | string (General Configuration) Client Shortname Enter a short name for the client. This is generally the hostname of the NAS. |
| clientsharedsecret | string (General Configuration) Client Shared Secret Enter the shared secret of the RADIUS client here. This is the shared secret (password) which the NAS (switch, accesspoint, etc.) needs to communicate with the RADIUS server. FreeRADIUS is limited to 31 characters for the shared secret. Warning: Single quotes in shared secret must be escaped with a backslash ('). Backslash must be escaped by using two backslashes (\). |
| clientproto | string (Miscellaneous Configuration) Client Protocol (udp, tcp) Enter the protocol the client uses. (Default: UDP) |
| clientnastype | string (Miscellaneous Configuration) Client Type (cisco, cvx, computone, digitro, livingston, juniper, max40xx, mikrotik, mikrotik_snmp, multitech, netserver, pathras, pr3000, pr4000, patton, portslave, redback, tc, usrhiper, versanet, dot1x, other) Enter the NAS type of the client. This is used by checkrad.pl for simultaneous use checks. (Default: other) |
| requiremessageauthenticator | string (Miscellaneous Configuration) Require Message Authenticator (no, yes) RFC5080 requires Message-Authenticator in Access-Request. But older NAS (switches or accesspoints) do not include that. (Default: no) |
| clientmaxconnections | string (Miscellaneous Configuration) Max Connections Takes only effect if you use TCP as protocol. Limits the number of simultaneous TCP connections from a client. (Default 16) |
| clientlogininput | string (Miscellaneous Configuration) NAS Login If supported by your NAS, you can use SNMP or finger for simultaneous-use checks instead of (s)radutmp file and accounting. Leave empty to choose (s)radutmp. (Default: empty) |
| clientpasswordinput | string (Miscellaneous Configuration) NAS Password If supported by your NAS, you can use SNMP or finger for simultaneous-use checks instead of (s)radutmp file and accounting. Leave empty to choose (s)radutmp. (Default: empty) |
| description | string (Miscellaneous Configuration) Description Enter any description you like for this client. |
| id | string (readonly) ID assigned to this entry |
{- "clientip": "string",
- "clientipversion": "string",
- "clientshortname": "string",
- "clientsharedsecret": "string",
- "clientproto": "string",
- "clientnastype": "string",
- "requiremessageauthenticator": "string",
- "clientmaxconnections": "string",
- "clientlogininput": "string",
- "clientpasswordinput": "string",
- "description": "string",
- "id": "string"
}{- "clientip": "string",
- "clientipversion": "string",
- "clientshortname": "string",
- "clientsharedsecret": "string",
- "clientproto": "string",
- "clientnastype": "string",
- "requiremessageauthenticator": "string",
- "clientmaxconnections": "string",
- "clientlogininput": "string",
- "clientpasswordinput": "string",
- "description": "string",
- "id": "string"
}{- "eapconfdisableweakeaptypes": true,
- "eapconfdefaulteaptype": "string",
- "eapconftimerexpire": "string",
- "eapconfignoreunknowneaptypes": "string",
- "eapconfciscoaccountingusernamebug": "string",
- "eapconfmaxsessions": "string",
- "eapconftlsminversion": "string",
- "ssl_ca_cert": "string",
- "ssl_ca_crl": "string",
- "ssl_server_cert": "string",
- "eapconfincludelength": "string",
- "eapconffragmentsize": "string",
- "eapconfenablecheckcertissuer": true,
- "eapconfcasubject": "string",
- "eapconfenablecheckcertcn": true,
- "eapconfcacheenablecache": "string",
- "eapconfcachelifetime": "string",
- "eapconfcachemaxentries": "string",
- "eapconfocspenable": "string",
- "eapconfocspoverridecerturl": "string",
- "eapconfocspurl": "string",
- "eapconfttlsdefaulteaptype": "string",
- "eapconfttlscopyrequesttotunnel": "string",
- "eapconfttlsusetunneledreply": "string",
- "eapconfttlsincludelength": "string",
- "eapconfpeapdefaulteaptype": "string",
- "eapconfpeapcopyrequesttotunnel": "string",
- "eapconfpeapusetunneledreply": "string",
- "eapconfpeapsohenable": "string",
- "ssl_ca_cert_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_ca_crl_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_cert_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| eapconfdisableweakeaptypes | boolean (EAP) Disable Weak EAP Types When enabled, only stronger EAP types like TLS, TTLS, PEAP, and MSCHAPv2 are allowed. This option does not affect tunneled EAP sessions. Disables weak EAP types: MD5, and GTC |
| eapconfdefaulteaptype | string (EAP) Default EAP Type (md5, gtc, leap, tls, ttls, peap, mschapv2) Invoke the default supported EAP type when EAP-Identity response is received. Important: Do not select the weak types if 'Disable Weak EAP Types' is checked above; try PEAP instead. (Default: md5) |
| eapconftimerexpire | string (EAP) Expiration of EAP-Response / EAP-Request List A list is maintained to correlate EAP-Response packets with EAP-Request packets. Define the expire time of the list here. (Default: 60) |
| eapconfignoreunknowneaptypes | string (EAP) Ignore Unknown EAP Types (no, yes) If the RADIUS server does not know the EAP type, it rejects it. If set to "yes", a module must be configured to proxy the request to another RADIUS server. (Default: No) |
| eapconfciscoaccountingusernamebug | string (EAP) CISCO Accounting Username Bug (no, yes) CISCO AP1230B firmware 12.2(13)JA1 has a bug which can be workaround by setting this to "yes". (Default: No) |
| eapconfmaxsessions | string (EAP) Maximum Sessions Tracking Per Server Help to prevent DoS attacks by limiting the number of sessions that the server is tracking. (Default: 4096) |
| eapconftlsminversion | string (EAP) Minimum TLS version (1.0, 1.1, 1.2) Set minimum TLS version. Leave 1.0 if you have old clients. |
| ssl_ca_cert | string (Certificates for TLS) SSL CA Certificate Choose the SSL CA Certficate here which you created with 'System > Cert Manager'. IMPORTANT: Configuring a valid CA certificate here is required! |
| ssl_ca_crl | string (Certificates for TLS) SSL Revocation List Choose the SSL CA Certficate revocation list here which you created with 'System > Cert Manager'. Important: You need to restart FreeRADIUS service after adding a certificate to the CRL. Choose 'none' if you do not use any CRL. (Default: none) |
| ssl_server_cert | string (Certificates for TLS) SSL Server Certificate Choose the SSL Server Certficate here which you created with 'System > Cert Manager'. IMPORTANT: Configuring a valid server certificate here is required! |
| eapconfincludelength | string (EAP-TLS) Include Length (yes, no) If set to 'Yes', Total Length of the message is included in every packet we send. If set to 'No' Total Length of the message is included only in the first packet of a fragment series. (Default: Yes) |
| eapconffragmentsize | string (EAP-TLS) Fragment Size 'Fragment Size' can never exceed the size of a RADIUS packet (4096 bytes), and is preferably half of that, to accomodate other attributes in RADIUS packet. On most APs, the max. packet length is configured between 1500 - 1600. In these cases, fragment size should be 1024 or less. (Default: 1024) |
| eapconfenablecheckcertissuer | boolean (EAP-TLS) Check Cert Issuer When enabled, the server/client certificate must match the CA issuer. (Default: false) Validate the certificate against the CA |
| eapconfcasubject | string (EAP-TLS) CA Subject Enter the subject of the CA to validate, or leave blank to assume the subject of SSL CA Certificate chosen above. (Example: /C=US/ST=Texas/L=Austin/O=Example Co/emailAddress=certs@example.com/CN=example-ca) |
| eapconfenablecheckcertcn | boolean (EAP-TLS) Check Client Certificate CN When enabled, the Common Name of the client certificate must match the username set in 'FreeRADIUS > Users'. (Default: false) Validate the Client Certificate Common Name |
| eapconfcacheenablecache | string (EAP-TLS Cache) Enable cache (yes, no) Session resumption / fast reauthentication cache. Click Info for details. (Default: Disable) The cache contains the following information:
The "Cached-Session-Policy" is the name of a policy which should be applied to the cached session. This policy can be used to assign VLANs, IP addresses, etc. It serves as a useful way to re-apply the policy from the original Access-Accept to the subsequent Access-Accept for the cached session. On session resumption, these attributes are copied from the cache, and placed into the reply list. You probably also want use_tunneled_reply = yes when using fast session resumption. |
| eapconfcachelifetime | string (EAP-TLS Cache) Lifetime Lifetime of the cached entries, in hours. The sessions will be deleted after this time. (Default: 24) |
| eapconfcachemaxentries | string (EAP-TLS Cache) Max Entries The maximum number of entries in the cache. Set to "0" for "infinite." (Default: 255) |
| eapconfocspenable | string (EAP-TLS with OCSP support) Enable OCSP (no, yes) Choose whether you like to enable or disable OCSP support. (Default: Disable) |
| eapconfocspoverridecerturl | string (EAP-TLS with OCSP support) Override OCSP Responder URL (no, yes) The OCSP responder URL is extracted from the certificate. You can override it below. (Default: No) |
| eapconfocspurl | string (EAP-TLS with OCSP support) OCSP Responder Enter the URL of the OCSP responder. OCSP must be enabled for this to work. (Default: http://127.0.0.1/ocsp/) |
| eapconfttlsdefaulteaptype | string (EAP-TTLS) Default EAP Type (md5, gtc, otp, tls, mschapv2) The tunneled EAP session needs a default EAP type which is separate from the one for the non-tunneled EAP module. Inside of the TTLS tunnel, using EAP-MD5 is recommended. If the request does not contain an EAP conversation, then this configuration entry is ignored. (Default: MD5) |
| eapconfttlscopyrequesttotunnel | string (EAP-TTLS) Copy Request to Tunnel (no, yes) The tunneled authentication request does not usually contain useful attributes like 'Calling-Station-Id', etc. These attributes are outside of the tunnel, and normally unavailable to the tunneled authentication request. By setting this configuration entry to 'Yes', any attribute which is not available in the tunneled authentication request, but which is available outside of the tunnel, is copied to the tunneled request. (Default: No) |
| eapconfttlsusetunneledreply | string (EAP-TTLS) Use Tunneled Reply (no, yes) The reply attributes sent to the NAS are usually based on the name of the user 'outside' of the tunnel (usually 'anonymous'). If you want to send the reply attributes based on the user name inside of the tunnel, then set 'Use Tunneled Reply' to 'Yes'; the reply to the NAS will be taken from the reply to the tunneled request. (Default: No) |
| eapconfttlsincludelength | string (EAP-TTLS) Include Length (yes, no) If set to 'Yes', Total Length of the message is included in every packet we send. If set to 'No', Total Length of the message is included only in the first packet of a fragment series. (Default: Yes) |
| eapconfpeapdefaulteaptype | string (EAP-PEAP) Default EAP Type (md5, gtc, otp, tls, mschapv2) The tunneled EAP session needs a default EAP type which is separate from the one for the non-tunneled EAP module. Inside of the PEAP tunnel, using MS-CHAPv2 is recommended, as that is the default type supported by Windows clients. (Default: MSCHAPv2) |
| eapconfpeapcopyrequesttotunnel | string (EAP-PEAP) Copy Request to Tunnel (no, yes) The tunneled authentication request does not usually contain useful attributes like 'Calling-Station-Id', etc. These attributes are outside of the tunnel, and normally unavailable to the tunneled authentication request. By setting this configuration entry to 'Yes', any attribute which is not available in the tunneled authentication request, but which is available outside of the tunnel, is copied to the tunneled request. (Default: No) |
| eapconfpeapusetunneledreply | string (EAP-PEAP) Use Tunneled Reply (no, yes) The reply attributes sent to the NAS are usually based on the name of the user 'outside' of the tunnel (usually 'anonymous'). If you want to send the reply attributes based on the user name inside of the tunnel, then set this configuration entry to 'Yes'; the reply to the NAS will be taken from the reply to the tunneled request. (Default: No) |
| eapconfpeapsohenable | string (EAP-PEAP) Microsoft Statement of Health (SoH) Support (Disable, Enable) You can accept/reject clients based on Microsoft's Statement of Health, e.g. if they are missing Windows Updates, don't have a firewall enabled, antivirus is not in line with policy, etc. You need to change /usr/local/etc/raddb/sites-available/soh for your needs. It cannot be changed from GUI and will be deleted after package reinstallation. (Default: Disable) |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "eapconfdisableweakeaptypes": true,
- "eapconfdefaulteaptype": "string",
- "eapconftimerexpire": "string",
- "eapconfignoreunknowneaptypes": "string",
- "eapconfciscoaccountingusernamebug": "string",
- "eapconfmaxsessions": "string",
- "eapconftlsminversion": "string",
- "ssl_ca_cert": "string",
- "ssl_ca_crl": "string",
- "ssl_server_cert": "string",
- "eapconfincludelength": "string",
- "eapconffragmentsize": "string",
- "eapconfenablecheckcertissuer": true,
- "eapconfcasubject": "string",
- "eapconfenablecheckcertcn": true,
- "eapconfcacheenablecache": "string",
- "eapconfcachelifetime": "string",
- "eapconfcachemaxentries": "string",
- "eapconfocspenable": "string",
- "eapconfocspoverridecerturl": "string",
- "eapconfocspurl": "string",
- "eapconfttlsdefaulteaptype": "string",
- "eapconfttlscopyrequesttotunnel": "string",
- "eapconfttlsusetunneledreply": "string",
- "eapconfttlsincludelength": "string",
- "eapconfpeapdefaulteaptype": "string",
- "eapconfpeapcopyrequesttotunnel": "string",
- "eapconfpeapusetunneledreply": "string",
- "eapconfpeapsohenable": "string",
- "ssl_ca_cert_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_ca_crl_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_cert_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "eapconfdisableweakeaptypes": true,
- "eapconfdefaulteaptype": "string",
- "eapconftimerexpire": "string",
- "eapconfignoreunknowneaptypes": "string",
- "eapconfciscoaccountingusernamebug": "string",
- "eapconfmaxsessions": "string",
- "eapconftlsminversion": "string",
- "ssl_ca_cert": "string",
- "ssl_ca_crl": "string",
- "ssl_server_cert": "string",
- "eapconfincludelength": "string",
- "eapconffragmentsize": "string",
- "eapconfenablecheckcertissuer": true,
- "eapconfcasubject": "string",
- "eapconfenablecheckcertcn": true,
- "eapconfcacheenablecache": "string",
- "eapconfcachelifetime": "string",
- "eapconfcachemaxentries": "string",
- "eapconfocspenable": "string",
- "eapconfocspoverridecerturl": "string",
- "eapconfocspurl": "string",
- "eapconfttlsdefaulteaptype": "string",
- "eapconfttlscopyrequesttotunnel": "string",
- "eapconfttlsusetunneledreply": "string",
- "eapconfttlsincludelength": "string",
- "eapconfpeapdefaulteaptype": "string",
- "eapconfpeapcopyrequesttotunnel": "string",
- "eapconfpeapusetunneledreply": "string",
- "eapconfpeapsohenable": "string",
- "ssl_ca_cert_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_ca_crl_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_cert_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| interfaceip | string (General Configuration) Interface IP Address Enter the IP address (e.g. 192.168.100.1) of the listening interface. If you choose * then it means all interfaces. (Default: *) |
| interfaceport | string (General Configuration) Port Enter the port number of the listening interface. Different interface types need different ports. Click Info for details. You could use this as an example:
IMPORTANT: For every interface type listening on the same IP address you need different ports. |
| interfacetype | string (General Configuration) Interface Type (auth, acct, proxy, detail, status, coa) Enter the type of the listening interface. (Default: Authentication) |
| interfaceipversion | string (General Configuration) IP Version (ipaddr, ipv6addr) Enter the IP version of the listening interface. (Default: IPv4) |
| description | string (General Configuration) Description Optionally enter a description here for your reference. |
| id | string (readonly) ID assigned to this entry |
{- "interfaceip": "string",
- "interfaceport": "string",
- "interfacetype": "string",
- "interfaceipversion": "string",
- "description": "string",
- "id": "string"
}{- "interfaceip": "string",
- "interfaceport": "string",
- "interfacetype": "string",
- "interfaceipversion": "string",
- "description": "string",
- "id": "string"
}| id required | string |
| interfaceip | string (General Configuration) Interface IP Address Enter the IP address (e.g. 192.168.100.1) of the listening interface. If you choose * then it means all interfaces. (Default: *) |
| interfaceport | string (General Configuration) Port Enter the port number of the listening interface. Different interface types need different ports. Click Info for details. You could use this as an example:
IMPORTANT: For every interface type listening on the same IP address you need different ports. |
| interfacetype | string (General Configuration) Interface Type (auth, acct, proxy, detail, status, coa) Enter the type of the listening interface. (Default: Authentication) |
| interfaceipversion | string (General Configuration) IP Version (ipaddr, ipv6addr) Enter the IP version of the listening interface. (Default: IPv4) |
| description | string (General Configuration) Description Optionally enter a description here for your reference. |
| id | string (readonly) ID assigned to this entry |
{- "interfaceip": "string",
- "interfaceport": "string",
- "interfacetype": "string",
- "interfaceipversion": "string",
- "description": "string",
- "id": "string"
}{- "interfaceip": "string",
- "interfaceport": "string",
- "interfacetype": "string",
- "interfaceipversion": "string",
- "description": "string",
- "id": "string"
}{- "modulesldapenableauthorize": true,
- "modulesldapenableauthenticate": true,
- "modulesldapserver": "string",
- "modulesldapserverport": "string",
- "modulesldapidentity": "string",
- "modulesldappassword": "string",
- "modulesldapbasedn": "string",
- "modulesldapfilter": "string",
- "modulesldapbasefilter": "string",
- "modulesldapldapconnectionsnumber": "string",
- "modulesldaptimeout": "string",
- "modulesldaptimelimit": "string",
- "modulesldapnettimeout": "string",
- "modulesldapmsadcompatibilityenable": "string",
- "modulesldapdmiscenable": true,
- "modulesldapdefaultprofile": "string",
- "modulesldapprofileattribute": "string",
- "modulesldapaccessattr": "string",
- "modulesldapgroupenable": true,
- "modulesldapgroupnameattribute": "string",
- "modulesldapgroupmembershipfilter": "string",
- "modulesldapgroupmembershipattribute": "string",
- "modulesldapcomparecheckitems": "string",
- "modulesldapdoxlat": "string",
- "modulesldapaccessattrusedforallow": "string",
- "modulesldapkeepaliveidle": "string",
- "modulesldapkeepaliveprobes": "string",
- "modulesldapkeepaliveinterval": "string",
- "modulesldapenabletlssupport": true,
- "modulesldapenablestarttls": true,
- "ssl_ca_cert1": "string",
- "ssl_server_cert1": "string",
- "modulesldaprequirecert": "string",
- "modulesldap2failover": "string",
- "modulesldap2enableauthorize": true,
- "modulesldap2enableauthenticate": true,
- "modulesldap2server": "string",
- "modulesldap2serverport": "string",
- "modulesldap2identity": "string",
- "modulesldap2password": "string",
- "modulesldap2basedn": "string",
- "modulesldap2filter": "string",
- "modulesldap2basefilter": "string",
- "modulesldap2ldapconnectionsnumber": "string",
- "modulesldap2timeout": "string",
- "modulesldap2timelimit": "string",
- "modulesldap2nettimeout": "string",
- "modulesldap2msadcompatibilityenable": "string",
- "modulesldap2dmiscenable": true,
- "modulesldap2defaultprofile": "string",
- "modulesldap2profileattribute": "string",
- "modulesldap2accessattr": "string",
- "modulesldap2groupenable": true,
- "modulesldap2groupnameattribute": "string",
- "modulesldap2groupmembershipfilter": "string",
- "modulesldap2groupmembershipattribute": "string",
- "modulesldap2comparecheckitems": "string",
- "modulesldap2doxlat": "string",
- "modulesldap2accessattrusedforallow": "string",
- "modulesldap2keepaliveidle": "string",
- "modulesldap2keepaliveprobes": "string",
- "modulesldap2keepaliveinterval": "string",
- "modulesldap2enabletlssupport": true,
- "modulesldap2enablestarttls": true,
- "ssl_ca_cert2": "string",
- "ssl_server_cert2": "string",
- "modulesldap2requirecert": "string",
- "ssl_ca_cert1_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_cert1_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_ca_cert2_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_cert2_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| modulesldapenableauthorize | boolean (Enable LDAP Support - Server 1) LDAP Authorization Support Enables LDAP in the authorize section. The ldap module will set Auth-Type to LDAP if it has not already been set. (Default: Disabled) Enable LDAP For Authorization |
| modulesldapenableauthenticate | boolean (Enable LDAP Support - Server 1) LDAP Authentication Support Enables LDAP in the authenticate section. Note that this means "check plain-text password against the LDAP database", which means that EAP won't work, as it does not supply a plain-text password. Enable LDAP For Authentication |
| modulesldapserver | string (General Configuration - Server 1) Server Address LDAP server FQDN or IP address. (Example: ldap.example.com) |
| modulesldapserverport | string (General Configuration - Server 1) Server Port LDAP server port. (Default: 389) |
| modulesldapidentity | string (General Configuration - Server 1) Identity LDAP ID for authentication. (Example: cn=admin,o=My Company Ltd,c=US) |
| modulesldappassword | string (General Configuration - Server 1) Password LDAP password for authentication. (Default: mypass) |
| modulesldapbasedn | string (General Configuration - Server 1) Base DN Base DN for LDAP search. (Example: o=My Company Ltd,c=US) |
| modulesldapfilter | string (General Configuration - Server 1) Filter LDAP search filter. Default: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) |
| modulesldapbasefilter | string (General Configuration - Server 1) Base Filter Default: (objectclass=radiusprofile) |
| modulesldapldapconnectionsnumber | string (General Configuration - Server 1) LDAP Connections Number How many connections to keep open to the LDAP server. This saves time over opening a new LDAP socket for every authentication request. (Default: 5) |
| modulesldaptimeout | string (General Configuration - Server 1) Timeout Seconds to wait for LDAP query to finish. (Default: 4) |
| modulesldaptimelimit | string (General Configuration - Server 1) Time Limit Seconds the LDAP server has to process the query (server-side time limit). (Default: 3) |
| modulesldapnettimeout | string (General Configuration - Server 1) Network Timeout Seconds to wait for response of the server because of network failures. (Default: 1) |
| modulesldapmsadcompatibilityenable | string (Miscellaneous Configuration - Server 1) Active Directory Compatibility (Disable, Enable) If you see the helpful "operations error" being returned to the LDAP module, enable this. (Default: Disable) |
| modulesldapdmiscenable | boolean (Miscellaneous Configuration - Server 1) Misc Configuration - Server 1 By default, the options below are not active in the configuration. Enable Miscellaneous Configuration for Server 1 |
| modulesldapdefaultprofile | string (Miscellaneous Configuration - Server 1) Default Profile (Example: cn=radprofile,ou=dialup,o=My Company Ltd,c=US) |
| modulesldapprofileattribute | string (Miscellaneous Configuration - Server 1) Profile Attribute (Default: radiusProfileDn) |
| modulesldapaccessattr | string (Miscellaneous Configuration - Server 1) Access Attribute (Default: dialupAccess) |
| modulesldapgroupenable | boolean (Group Membership Options - Server 1) Group Membership Options By default, the options below are not active in the configuration. Enable Group Membership Options |
| modulesldapgroupnameattribute | string (Group Membership Options - Server 1) Groupname Attribute (Default: cn) |
| modulesldapgroupmembershipfilter | string (Group Membership Options - Server 1) Group Membership Filter Default: (|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{control:Ldap-UserDn}))) |
| modulesldapgroupmembershipattribute | string (Group Membership Options - Server 1) Group Membership Attribute (Default: radiusGroupName) |
| modulesldapcomparecheckitems | string (Group Membership Options - Server 1) Compare Check Items (yes, no) (Default: Yes) |
| modulesldapdoxlat | string (Group Membership Options - Server 1) Do XLAT (yes, no) (Default: Yes) |
| modulesldapaccessattrusedforallow | string (Group Membership Options - Server 1) Access Attribute Used For Allow (yes, no) (Default: Yes) |
| modulesldapkeepaliveidle | string (KeepAlive Configuration - Server 1) LDAP OPT X KeepAlive Idle (Default: 60) |
| modulesldapkeepaliveprobes | string (KeepAlive Configuration - Server 1) LDAP OPT X KeepAlive Probes (Default: 3) |
| modulesldapkeepaliveinterval | string (KeepAlive Configuration - Server 1) LDAP OPT X KeepAlive Interval (Default: 3) |
| modulesldapenabletlssupport | boolean (LDAP TLS Support - Server 1) TLS Support If enabled, certificates in ../raddb/certs/ will be checked against the LDAP server certificates. Enable TLS support for LDAP server 1 |
| modulesldapenablestarttls | boolean (LDAP TLS Support - Server 1) Use STARTTLS If enabled, STARTTLS will be used instead of LDAPS. Enable STARTTLS for LDAP server 1 |
| ssl_ca_cert1 | string (LDAP TLS Support - Server 1) SSL CA Certificate Choose the SSL CA Certficate here which you created with 'System > Cert Manager'. Choose 'none' if you do not use any kind of certificates. (Default: none) |
| ssl_server_cert1 | string (LDAP TLS Support - Server 1) SSL Server Certificate Choose the SSL Server Certficate here which you created with 'System > Cert Manager'. Choose 'none' if you do not use any kind of certificates. (Default: none) |
| modulesldaprequirecert | string (LDAP TLS Support - Server 1) Choose Certificate Verification Method (never, allow, demand) Choose how the certs should be checked. Click Info for details. (Default: never)
|
| modulesldap2failover | string (Enable Redundant LDAP Server Support) Choose Failover/Load Balancing Mode (redundant, load-balance, redundant-load-balance) Choose the interaction of the two LDAP servers. Click Info for details. (Default: Redundant)
|
| modulesldap2enableauthorize | boolean (Enable LDAP Support - Server 2) LDAP Authorization Support Enables LDAP in the authorize section. The ldap module will set Auth-Type to LDAP if it has not already been set. (Default: Disabled) Enable LDAP For Authorization (Default: unchecked) |
| modulesldap2enableauthenticate | boolean (Enable LDAP Support - Server 2) LDAP Authentication Support Enables LDAP in the authenticate section. Note that this means "check plain-text password against the LDAP database", which means that EAP won't work, as it does not supply a plain-text password. Enable LDAP For Authentication |
| modulesldap2server | string (General Configuration - Server 2) Server Address LDAP server FQDN or IP address. (Example: ldap.example.com) |
| modulesldap2serverport | string (General Configuration - Server 2) Server Port LDAP server port. (Default: 389) |
| modulesldap2identity | string (General Configuration - Server 2) Identity LDAP ID for authentication. (Example: cn=admin,o=My Company Ltd,c=US) |
| modulesldap2password | string (General Configuration - Server 2) Password LDAP password for authentication. (Default: mypass) |
| modulesldap2basedn | string (General Configuration - Server 2) Base DN Base DN for LDAP search. (Example: o=My Company Ltd,c=US) |
| modulesldap2filter | string (General Configuration - Server 2) Filter LDAP search filter. Default: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) |
| modulesldap2basefilter | string (General Configuration - Server 2) Base Filter Default: (objectclass=radiusprofile) |
| modulesldap2ldapconnectionsnumber | string (General Configuration - Server 2) LDAP Connections Number How many connections to keep open to the LDAP server. This saves time over opening a new LDAP socket for every authentication request. (Default: 5) |
| modulesldap2timeout | string (General Configuration - Server 2) Timeout Seconds to wait for LDAP query to finish. (Default: 4) |
| modulesldap2timelimit | string (General Configuration - Server 2) Time Limit Seconds the LDAP server has to process the query (server-side time limit). (Default: 3) |
| modulesldap2nettimeout | string (General Configuration - Server 2) Network Timeout Seconds to wait for response of the server because of network failures. (Default: 1) |
| modulesldap2msadcompatibilityenable | string (Miscellaneous Configuration - Server 2) Active Directory Compatibility (Disable, Enable) If you see the helpful "operations error" being returned to the LDAP module, enable this. (Default: Disable) |
| modulesldap2dmiscenable | boolean (Miscellaneous Configuration - Server 2) Misc Configuration By default, the options below are not active in the configuration. Enable Miscellaneous Configuration for Server 2 |
| modulesldap2defaultprofile | string (Miscellaneous Configuration - Server 2) Default Profile (Example: cn=radprofile,ou=dialup,o=My Company Ltd,c=US) |
| modulesldap2profileattribute | string (Miscellaneous Configuration - Server 2) Profile Attribute (Default: radiusProfileDn) |
| modulesldap2accessattr | string (Miscellaneous Configuration - Server 2) Access Attribute (Default: dialupAccess) |
| modulesldap2groupenable | boolean (Group Membership Options - Server 2) Enable Group Membership Options By default, the options below are not active in the configuration. Enable Group Membership Options |
| modulesldap2groupnameattribute | string (Group Membership Options - Server 2) Groupname Attribute (Default: cn) |
| modulesldap2groupmembershipfilter | string (Group Membership Options - Server 2) Group Membership Filter Default: (|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{control:Ldap-UserDn}))) |
| modulesldap2groupmembershipattribute | string (Group Membership Options - Server 2) Group Membership Attribute (Default: radiusGroupName) |
| modulesldap2comparecheckitems | string (Group Membership Options - Server 2) Compare Check Items (yes, no) (Default: Yes) |
| modulesldap2doxlat | string (Group Membership Options - Server 2) Do XLAT (yes, no) (Default: Yes) |
| modulesldap2accessattrusedforallow | string (Group Membership Options - Server 2) Access Attribute Used For Allow (yes, no) (Default: Yes) |
| modulesldap2keepaliveidle | string (KeepAlive Configuration - Server 2) LDAP OPT X KeepAlive Idle (Default: 60) |
| modulesldap2keepaliveprobes | string (KeepAlive Configuration - Server 2) LDAP OPT X KeepAlive Probes (Default: 3) |
| modulesldap2keepaliveinterval | string (KeepAlive Configuration - Server 2) LDAP OPT X KeepAlive Interval (Default: 3) |
| modulesldap2enabletlssupport | boolean (LDAP TLS Support - Server 2) TLS Support If enabled, certificates in ../raddb/certs/ will be checked against the LDAP server certificates. Enable TLS support for LDAP server 2 |
| modulesldap2enablestarttls | boolean (LDAP TLS Support - Server 2) Use STARTTLS If enabled, STARTTLS will be used instead of LDAPS. Enable STARTTLS for LDAP server 2 |
| ssl_ca_cert2 | string (LDAP TLS Support - Server 2) SSL CA Certificate Choose the SSL CA Certficate here which you created with 'System > Cert Manager'. Choose 'none' if you do not use any kind of certificates. (Default: none) |
| ssl_server_cert2 | string (LDAP TLS Support - Server 2) SSL Server Certificate Choose the SSL Server Certficate here which you created with 'System > Cert Manager'. Choose 'none' if you do not use any kind of certificates. (Default: none) |
| modulesldap2requirecert | string (LDAP TLS Support - Server 2) Choose Certificate Verification Method (never, allow, demand) Choose how the certs should be checked. Click Info for details. (Default: never)
|
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "modulesldapenableauthorize": true,
- "modulesldapenableauthenticate": true,
- "modulesldapserver": "string",
- "modulesldapserverport": "string",
- "modulesldapidentity": "string",
- "modulesldappassword": "string",
- "modulesldapbasedn": "string",
- "modulesldapfilter": "string",
- "modulesldapbasefilter": "string",
- "modulesldapldapconnectionsnumber": "string",
- "modulesldaptimeout": "string",
- "modulesldaptimelimit": "string",
- "modulesldapnettimeout": "string",
- "modulesldapmsadcompatibilityenable": "string",
- "modulesldapdmiscenable": true,
- "modulesldapdefaultprofile": "string",
- "modulesldapprofileattribute": "string",
- "modulesldapaccessattr": "string",
- "modulesldapgroupenable": true,
- "modulesldapgroupnameattribute": "string",
- "modulesldapgroupmembershipfilter": "string",
- "modulesldapgroupmembershipattribute": "string",
- "modulesldapcomparecheckitems": "string",
- "modulesldapdoxlat": "string",
- "modulesldapaccessattrusedforallow": "string",
- "modulesldapkeepaliveidle": "string",
- "modulesldapkeepaliveprobes": "string",
- "modulesldapkeepaliveinterval": "string",
- "modulesldapenabletlssupport": true,
- "modulesldapenablestarttls": true,
- "ssl_ca_cert1": "string",
- "ssl_server_cert1": "string",
- "modulesldaprequirecert": "string",
- "modulesldap2failover": "string",
- "modulesldap2enableauthorize": true,
- "modulesldap2enableauthenticate": true,
- "modulesldap2server": "string",
- "modulesldap2serverport": "string",
- "modulesldap2identity": "string",
- "modulesldap2password": "string",
- "modulesldap2basedn": "string",
- "modulesldap2filter": "string",
- "modulesldap2basefilter": "string",
- "modulesldap2ldapconnectionsnumber": "string",
- "modulesldap2timeout": "string",
- "modulesldap2timelimit": "string",
- "modulesldap2nettimeout": "string",
- "modulesldap2msadcompatibilityenable": "string",
- "modulesldap2dmiscenable": true,
- "modulesldap2defaultprofile": "string",
- "modulesldap2profileattribute": "string",
- "modulesldap2accessattr": "string",
- "modulesldap2groupenable": true,
- "modulesldap2groupnameattribute": "string",
- "modulesldap2groupmembershipfilter": "string",
- "modulesldap2groupmembershipattribute": "string",
- "modulesldap2comparecheckitems": "string",
- "modulesldap2doxlat": "string",
- "modulesldap2accessattrusedforallow": "string",
- "modulesldap2keepaliveidle": "string",
- "modulesldap2keepaliveprobes": "string",
- "modulesldap2keepaliveinterval": "string",
- "modulesldap2enabletlssupport": true,
- "modulesldap2enablestarttls": true,
- "ssl_ca_cert2": "string",
- "ssl_server_cert2": "string",
- "modulesldap2requirecert": "string",
- "ssl_ca_cert1_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_cert1_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_ca_cert2_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_cert2_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "modulesldapenableauthorize": true,
- "modulesldapenableauthenticate": true,
- "modulesldapserver": "string",
- "modulesldapserverport": "string",
- "modulesldapidentity": "string",
- "modulesldappassword": "string",
- "modulesldapbasedn": "string",
- "modulesldapfilter": "string",
- "modulesldapbasefilter": "string",
- "modulesldapldapconnectionsnumber": "string",
- "modulesldaptimeout": "string",
- "modulesldaptimelimit": "string",
- "modulesldapnettimeout": "string",
- "modulesldapmsadcompatibilityenable": "string",
- "modulesldapdmiscenable": true,
- "modulesldapdefaultprofile": "string",
- "modulesldapprofileattribute": "string",
- "modulesldapaccessattr": "string",
- "modulesldapgroupenable": true,
- "modulesldapgroupnameattribute": "string",
- "modulesldapgroupmembershipfilter": "string",
- "modulesldapgroupmembershipattribute": "string",
- "modulesldapcomparecheckitems": "string",
- "modulesldapdoxlat": "string",
- "modulesldapaccessattrusedforallow": "string",
- "modulesldapkeepaliveidle": "string",
- "modulesldapkeepaliveprobes": "string",
- "modulesldapkeepaliveinterval": "string",
- "modulesldapenabletlssupport": true,
- "modulesldapenablestarttls": true,
- "ssl_ca_cert1": "string",
- "ssl_server_cert1": "string",
- "modulesldaprequirecert": "string",
- "modulesldap2failover": "string",
- "modulesldap2enableauthorize": true,
- "modulesldap2enableauthenticate": true,
- "modulesldap2server": "string",
- "modulesldap2serverport": "string",
- "modulesldap2identity": "string",
- "modulesldap2password": "string",
- "modulesldap2basedn": "string",
- "modulesldap2filter": "string",
- "modulesldap2basefilter": "string",
- "modulesldap2ldapconnectionsnumber": "string",
- "modulesldap2timeout": "string",
- "modulesldap2timelimit": "string",
- "modulesldap2nettimeout": "string",
- "modulesldap2msadcompatibilityenable": "string",
- "modulesldap2dmiscenable": true,
- "modulesldap2defaultprofile": "string",
- "modulesldap2profileattribute": "string",
- "modulesldap2accessattr": "string",
- "modulesldap2groupenable": true,
- "modulesldap2groupnameattribute": "string",
- "modulesldap2groupmembershipfilter": "string",
- "modulesldap2groupmembershipattribute": "string",
- "modulesldap2comparecheckitems": "string",
- "modulesldap2doxlat": "string",
- "modulesldap2accessattrusedforallow": "string",
- "modulesldap2keepaliveidle": "string",
- "modulesldap2keepaliveprobes": "string",
- "modulesldap2keepaliveinterval": "string",
- "modulesldap2enabletlssupport": true,
- "modulesldap2enablestarttls": true,
- "ssl_ca_cert2": "string",
- "ssl_server_cert2": "string",
- "modulesldap2requirecert": "string",
- "ssl_ca_cert1_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_cert1_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_ca_cert2_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_cert2_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "macs": [
- {
- "macsaddress": "string",
- "macsswisprredirectionurl": "string",
- "macssimultaneousconnect": "string",
- "description": "string",
- "macsframedipaddress": "string",
- "macsframedipnetmask": "string",
- "macsframedroute": "string",
- "macsframedip6address": "string",
- "macsframedip6route": "string",
- "macsvlanid": "string",
- "macsexpiration": "string",
- "macssessiontimeout": "string",
- "macslogintime": "string",
- "macsamountoftime": "string",
- "macspointoftime": "string",
- "macsmaxtotaloctets": "string",
- "macsmaxtotaloctetstimerange": "string",
- "macsmaxbandwidthdown": "string",
- "macsmaxbandwidthup": "string",
- "macsacctinteriminterval": "string",
- "macstopadditionaloptions": "string",
- "macscheckitemsadditionaloptions": "string",
- "macsreplyitemsadditionaloptions": "string",
- "id": "string"
}
]
}| macsaddress | string (General Configuration) MAC Address Enter the MAC address. Leave empty if you want to use custom options instead of MAC address. Required format: 0a-1b-2c-4d-5f-fa or 0a:1b:2c:4d:5f:fa |
| macsswisprredirectionurl | string (Miscellaneous Configuration) Redirection URL Enter the URL the MAC should be redirected to after successful login. Example: http://www.google.com |
| macssimultaneousconnect | string (Miscellaneous Configuration) Number of Simultaneous Connections The maximum of simultaneous connections with this MAC address. Leave empty for no limit. If using FreeRADIUS with CaptivePortal you should leave this empty. Read the documentation! |
| description | string (Miscellaneous Configuration) Description Enter any description for this MAC address you like. |
| macsframedipaddress | string (IPv4 Network Configuration) IPv4 Address Framed-IP-Address must be supported by NAS. Click Info for details. IMPORTANT: You must enter an IPv4 address here if you checked "RADIUS issued IP" on PPPoE VPN configuration. |
| macsframedipnetmask | string (IPv4 Network Configuration) Subnet Mask Framed-IP-Netmask must be supported by NAS. Example: 255.255.255.0 |
| macsframedroute | string (IPv4 Network Configuration) IPv4 Gateway Framed-Route must be supported by NAS. Required format: Subnet Gateway Metric(s) (e.g. 192.168.10.0/24 192.168.10.1 1) |
| macsframedip6address | string (IPv6 Network Configuration) IPv6 Address When the IPv6 prefix part is empty it uses Framed-IPv6-Address. When the prefix part is filled in, it uses Framed-IPv6-Prefix. Example: 2001:db8:abab::5 or 2001:db8:abab::/64 |
| macsframedip6route | string (IPv6 Network Configuration) IPv6 Gateway Framed-IPv6-Route must be supported by NAS. Required format: Prefix Gateway Metric(s) (e.g. 2001:db8:0:16::/64 2001:db8::16:a0:20ff:fe99:a998 1) |
| macsvlanid | string (VLAN Configuration) VLAN ID Enter the VLAN ID (integer from 1-4095) or the VLAN name that this MAC address should be assigned to. Must be supported by the NAS. Click Info for details. This setting can be used for a NAS that supports the following RADIUS parameters:
|
| macsexpiration | string (Time Configuration) Expiration Date Enter the date when this account should expire. Required format: Mmm dd yyyy (e.g. Jan 01 2012) |
| macssessiontimeout | string (Time Configuration) Session Timeout Enter the time this MAC address has until relogin (in seconds). |
| macslogintime | string (Time Configuration) Possible Login Times Enter the time when this MAC address should have access. "Always" if no time is entered. Click Info for details. Each simple time string must begin with a day definition. That can be just one day, multiple days, or a range of days separated by a hyphen. A day is Mo, Tu, We, Th, Fr, Sa or Su, or Wk for Mo-Fr. Any or Al means all days. After that, a range of hours follows in hhmm-hhmm format. A time string may be a list of simple time strings separated by , Example: Wk0855-2305,Sa,Su2230-0230 - weekdays after 8:55 AM and before 11:05 PM | any time on Saturday | Sunday after 10:30 PM and before 02:30 AM. |
| macsamountoftime | string (Time Configuration) Amount of Time Enter the amount of time for this MAC address (in minutes). |
| macspointoftime | string (Time Configuration) Time Period (Daily, Weekly, Monthly, Forever) Select the time period after which the 'Amount of Time' is reset. |
| macsmaxtotaloctets | string (Traffic and Bandwidth) Amount of Download and Upload Traffic Enter the amount of download and upload traffic (summarized) in megabytes (MB) for this MAC. |
| macsmaxtotaloctetstimerange | string (Traffic and Bandwidth) Time Period (daily, weekly, monthly, forever) Select the time period for the amount of download and upload traffic. This does not automatically reset the counter. You need to setup a cronjob (with cron package) which will reset the counter. Read the documentation! |
| macsmaxbandwidthdown | string (Traffic and Bandwidth) Maximum Bandwidth Down Enter the maximum bandwidth for download in in kilobits per second (Kbps). |
| macsmaxbandwidthup | string (Traffic and Bandwidth) Maximum Bandwidth Up Enter the maximum bandwidth for upload in in kilobits per second (Kbps). |
| macsacctinteriminterval | string (Traffic and Bandwidth) Accounting Interim Interval Enter the interval in seconds which should elapse between interim-updates. It must be more than 60s and should not be less than 600s. (Default: 600) |
| macstopadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes on the TOP of this entry This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this MAC address account. If required by syntax, you must use quotes and commas. Use a vertical bar | to put a command on a new line. Example: DEFAULT Auth-Type = System IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > macs). |
| macscheckitemsadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes (CHECK-ITEM) This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this MAC address account. If required by syntax, you must use quotes and commas.. Use a vertical bar | to put a command on a new line. Example: Max-Daily-Session := 36000 IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > macs). |
| macsreplyitemsadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes (REPLY-ITEM) This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this MAC address account. If required by syntax, you must use quotes and commas.. Use a vertical bar | to put a command on a new line. Example: Service-Type == Login-User,|Login-Service == Telnet,|Login-IP-Host == 192.168.1.2 IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > macs). |
| id | string (readonly) ID assigned to this entry |
{- "macsaddress": "string",
- "macsswisprredirectionurl": "string",
- "macssimultaneousconnect": "string",
- "description": "string",
- "macsframedipaddress": "string",
- "macsframedipnetmask": "string",
- "macsframedroute": "string",
- "macsframedip6address": "string",
- "macsframedip6route": "string",
- "macsvlanid": "string",
- "macsexpiration": "string",
- "macssessiontimeout": "string",
- "macslogintime": "string",
- "macsamountoftime": "string",
- "macspointoftime": "string",
- "macsmaxtotaloctets": "string",
- "macsmaxtotaloctetstimerange": "string",
- "macsmaxbandwidthdown": "string",
- "macsmaxbandwidthup": "string",
- "macsacctinteriminterval": "string",
- "macstopadditionaloptions": "string",
- "macscheckitemsadditionaloptions": "string",
- "macsreplyitemsadditionaloptions": "string",
- "id": "string"
}{- "macsaddress": "string",
- "macsswisprredirectionurl": "string",
- "macssimultaneousconnect": "string",
- "description": "string",
- "macsframedipaddress": "string",
- "macsframedipnetmask": "string",
- "macsframedroute": "string",
- "macsframedip6address": "string",
- "macsframedip6route": "string",
- "macsvlanid": "string",
- "macsexpiration": "string",
- "macssessiontimeout": "string",
- "macslogintime": "string",
- "macsamountoftime": "string",
- "macspointoftime": "string",
- "macsmaxtotaloctets": "string",
- "macsmaxtotaloctetstimerange": "string",
- "macsmaxbandwidthdown": "string",
- "macsmaxbandwidthup": "string",
- "macsacctinteriminterval": "string",
- "macstopadditionaloptions": "string",
- "macscheckitemsadditionaloptions": "string",
- "macsreplyitemsadditionaloptions": "string",
- "id": "string"
}| id required | string |
| macsaddress | string (General Configuration) MAC Address Enter the MAC address. Leave empty if you want to use custom options instead of MAC address. Required format: 0a-1b-2c-4d-5f-fa or 0a:1b:2c:4d:5f:fa |
| macsswisprredirectionurl | string (Miscellaneous Configuration) Redirection URL Enter the URL the MAC should be redirected to after successful login. Example: http://www.google.com |
| macssimultaneousconnect | string (Miscellaneous Configuration) Number of Simultaneous Connections The maximum of simultaneous connections with this MAC address. Leave empty for no limit. If using FreeRADIUS with CaptivePortal you should leave this empty. Read the documentation! |
| description | string (Miscellaneous Configuration) Description Enter any description for this MAC address you like. |
| macsframedipaddress | string (IPv4 Network Configuration) IPv4 Address Framed-IP-Address must be supported by NAS. Click Info for details. IMPORTANT: You must enter an IPv4 address here if you checked "RADIUS issued IP" on PPPoE VPN configuration. |
| macsframedipnetmask | string (IPv4 Network Configuration) Subnet Mask Framed-IP-Netmask must be supported by NAS. Example: 255.255.255.0 |
| macsframedroute | string (IPv4 Network Configuration) IPv4 Gateway Framed-Route must be supported by NAS. Required format: Subnet Gateway Metric(s) (e.g. 192.168.10.0/24 192.168.10.1 1) |
| macsframedip6address | string (IPv6 Network Configuration) IPv6 Address When the IPv6 prefix part is empty it uses Framed-IPv6-Address. When the prefix part is filled in, it uses Framed-IPv6-Prefix. Example: 2001:db8:abab::5 or 2001:db8:abab::/64 |
| macsframedip6route | string (IPv6 Network Configuration) IPv6 Gateway Framed-IPv6-Route must be supported by NAS. Required format: Prefix Gateway Metric(s) (e.g. 2001:db8:0:16::/64 2001:db8::16:a0:20ff:fe99:a998 1) |
| macsvlanid | string (VLAN Configuration) VLAN ID Enter the VLAN ID (integer from 1-4095) or the VLAN name that this MAC address should be assigned to. Must be supported by the NAS. Click Info for details. This setting can be used for a NAS that supports the following RADIUS parameters:
|
| macsexpiration | string (Time Configuration) Expiration Date Enter the date when this account should expire. Required format: Mmm dd yyyy (e.g. Jan 01 2012) |
| macssessiontimeout | string (Time Configuration) Session Timeout Enter the time this MAC address has until relogin (in seconds). |
| macslogintime | string (Time Configuration) Possible Login Times Enter the time when this MAC address should have access. "Always" if no time is entered. Click Info for details. Each simple time string must begin with a day definition. That can be just one day, multiple days, or a range of days separated by a hyphen. A day is Mo, Tu, We, Th, Fr, Sa or Su, or Wk for Mo-Fr. Any or Al means all days. After that, a range of hours follows in hhmm-hhmm format. A time string may be a list of simple time strings separated by , Example: Wk0855-2305,Sa,Su2230-0230 - weekdays after 8:55 AM and before 11:05 PM | any time on Saturday | Sunday after 10:30 PM and before 02:30 AM. |
| macsamountoftime | string (Time Configuration) Amount of Time Enter the amount of time for this MAC address (in minutes). |
| macspointoftime | string (Time Configuration) Time Period (Daily, Weekly, Monthly, Forever) Select the time period after which the 'Amount of Time' is reset. |
| macsmaxtotaloctets | string (Traffic and Bandwidth) Amount of Download and Upload Traffic Enter the amount of download and upload traffic (summarized) in megabytes (MB) for this MAC. |
| macsmaxtotaloctetstimerange | string (Traffic and Bandwidth) Time Period (daily, weekly, monthly, forever) Select the time period for the amount of download and upload traffic. This does not automatically reset the counter. You need to setup a cronjob (with cron package) which will reset the counter. Read the documentation! |
| macsmaxbandwidthdown | string (Traffic and Bandwidth) Maximum Bandwidth Down Enter the maximum bandwidth for download in in kilobits per second (Kbps). |
| macsmaxbandwidthup | string (Traffic and Bandwidth) Maximum Bandwidth Up Enter the maximum bandwidth for upload in in kilobits per second (Kbps). |
| macsacctinteriminterval | string (Traffic and Bandwidth) Accounting Interim Interval Enter the interval in seconds which should elapse between interim-updates. It must be more than 60s and should not be less than 600s. (Default: 600) |
| macstopadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes on the TOP of this entry This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this MAC address account. If required by syntax, you must use quotes and commas. Use a vertical bar | to put a command on a new line. Example: DEFAULT Auth-Type = System IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > macs). |
| macscheckitemsadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes (CHECK-ITEM) This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this MAC address account. If required by syntax, you must use quotes and commas.. Use a vertical bar | to put a command on a new line. Example: Max-Daily-Session := 36000 IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > macs). |
| macsreplyitemsadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes (REPLY-ITEM) This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this MAC address account. If required by syntax, you must use quotes and commas.. Use a vertical bar | to put a command on a new line. Example: Service-Type == Login-User,|Login-Service == Telnet,|Login-IP-Host == 192.168.1.2 IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > macs). |
| id | string (readonly) ID assigned to this entry |
{- "macsaddress": "string",
- "macsswisprredirectionurl": "string",
- "macssimultaneousconnect": "string",
- "description": "string",
- "macsframedipaddress": "string",
- "macsframedipnetmask": "string",
- "macsframedroute": "string",
- "macsframedip6address": "string",
- "macsframedip6route": "string",
- "macsvlanid": "string",
- "macsexpiration": "string",
- "macssessiontimeout": "string",
- "macslogintime": "string",
- "macsamountoftime": "string",
- "macspointoftime": "string",
- "macsmaxtotaloctets": "string",
- "macsmaxtotaloctetstimerange": "string",
- "macsmaxbandwidthdown": "string",
- "macsmaxbandwidthup": "string",
- "macsacctinteriminterval": "string",
- "macstopadditionaloptions": "string",
- "macscheckitemsadditionaloptions": "string",
- "macsreplyitemsadditionaloptions": "string",
- "id": "string"
}{- "macsaddress": "string",
- "macsswisprredirectionurl": "string",
- "macssimultaneousconnect": "string",
- "description": "string",
- "macsframedipaddress": "string",
- "macsframedipnetmask": "string",
- "macsframedroute": "string",
- "macsframedip6address": "string",
- "macsframedip6route": "string",
- "macsvlanid": "string",
- "macsexpiration": "string",
- "macssessiontimeout": "string",
- "macslogintime": "string",
- "macsamountoftime": "string",
- "macspointoftime": "string",
- "macsmaxtotaloctets": "string",
- "macsmaxtotaloctetstimerange": "string",
- "macsmaxbandwidthdown": "string",
- "macsmaxbandwidthup": "string",
- "macsacctinteriminterval": "string",
- "macstopadditionaloptions": "string",
- "macscheckitemsadditionaloptions": "string",
- "macsreplyitemsadditionaloptions": "string",
- "id": "string"
}{- "settingsmaxrequests": "string",
- "settingsmaxrequesttime": "string",
- "settingscleanupdelay": "string",
- "settingsallowcoredumps": "string",
- "settingsregularexpressions": "string",
- "settingsextendedexpressions": "string",
- "keep_settings": true,
- "settingslogdir": "string",
- "settingsauth": "string",
- "settingsauthbadpass": "string",
- "settingsauthbadpassmessage": "string",
- "settingsauthgoodpass": "string",
- "settingsauthgoodpassmessage": "string",
- "settingsstrippednames": "string",
- "settingshostnamelookups": "string",
- "settingsmaxattributes": "string",
- "settingsrejectdelay": "string",
- "settingsstartservers": "string",
- "settingsmaxservers": "string",
- "settingsminspareservers": "string",
- "settingsmaxspareservers": "string",
- "settingsmaxqueuesize": "string",
- "settingsmaxrequestsperserver": "string",
- "settingsmotpenable": true,
- "settingsmotptimespan": "string",
- "settingsmotppasswordattempts": "string",
- "settingsmotpchecksumtype": "string",
- "settingsmotptokenlength": "string",
- "settingsenablemacauth": true,
- "settingsenableacctunique": true
}| settingsmaxrequests | string (General Configuration) Maximum Requests Tracked The maximum number of requests which the server keeps track of until 'Cleanup Delay' deletes them. If set too low, it will make FreeRADIUS server busy. A higher value is better (but means increased RAM usage). Useful range: (256 * < number of NAS >). Shouldn't be higher than (1000 * < number of NAS >). (Default: 1024) |
| settingsmaxrequesttime | string (General Configuration) Maximum Request Timeout The maximum time to handle a request (in seconds). (Default: 30) |
| settingscleanupdelay | string (General Configuration) Cleanup Delay The time to wait before cleaning up a reply which was sent to the NAS (in seconds). (Default: 5) |
| settingsallowcoredumps | string (General Configuration) Allow Core Dumps (no, yes) Only enable if you need to debug the RADIUS server! (Default: Disable) |
| settingsregularexpressions | string (General Configuration) Regular Expressions (no, yes) Allows to use regular expressions. (Default: Enable) |
| settingsextendedexpressions | string (General Configuration) Extended Expressions (no, yes) Allows to use extended expressions. (Default: Enable) |
| keep_settings | boolean (General Configuration) Save settings after deletion Important: If disabled, all settings will be wiped on package uninstall/reinstall/upgrade. If enabled, the settings will be preserved across package reinstalls. |
| settingslogdir | string (Logging Configuration) RADIUS Logging Destination (files, syslog) Choose the destination for FreeRADIUS logs. This will log general service information, but no authentication information. (Default: System Logs) |
| settingsauth | string (Logging Configuration) RADIUS Logging (no, yes) This enables logging of accepted or rejected authentication. (Default: Enable) |
| settingsauthbadpass | string (Logging Configuration) Log Password on Authentication Failure (no, yes) Log the password of failed authentication attempts to syslog. Not recommended for security reasons. 'RADIUS Logging' must be enabled. (Default: No) |
| settingsauthbadpassmessage | string (Logging Configuration) Additional Information for Bad Attempts You can add additional information to the syslog output if a user is rejected. Click Info for details. You can use variables for any attributes. %{User-Name} - Logs the username. %{reply:Acct-Output-Octets} - Logs the remaining output octets. |
| settingsauthgoodpass | string (Logging Configuration) Log Password on Authentication Success (no, yes) Log the password of successful authentication attempts to syslog. Not recommended for security reasons. 'RADIUS Logging' must be enabled. (Default: No) |
| settingsauthgoodpassmessage | string (Logging Configuration) Additional Information for Good Attempts You can add additional information to the syslog output if a user connects. Click Info for details. You can use variables for any attributes. %{User-Name} - Logs the username. %{reply:Acct-Output-Octets} - Logs the remaining output octets. |
| settingsstrippednames | string (Logging Configuration) Log Stripped Names (no, yes) Choose this if you want to log the full User-Name attribute as it was found in the request. 'RADIUS Logging' must be enabled. (Default: No) |
| settingshostnamelookups | string (Logging Configuration) NAS Hostname Lookup (no, yes) Log the names of NAS instead of IP addresses. Warning: Turning this on can result in lock-ups of the RADIUS server. (Default: Disable) |
| settingsmaxattributes | string (Security Configuration) Maximum Number of Attributes The maximum number of attributes permitted in a RADIUS packet. Packets which have more than this number of attributes in them will be dropped. (Default: 200) |
| settingsrejectdelay | string (Security Configuration) Access-Reject Delay When sending an Access-Reject it can be delayed for a few seconds. This may help to slow down a DoS attack. It also helps to slow down people trying to brute-force crack a user's password. To send Access-Reject immediately, set to '0'. (Default: 1) |
| settingsstartservers | string (Thread Pool Configuration) Number of Threads After Start The thread pool is a long-lived group of threads which take turns (round-robin) handling any incoming requests. (Default: 5) |
| settingsmaxservers | string (Thread Pool Configuration) Maximum Number of Threads If this limit is ever reached, clients will be locked out; it should not be set too low. (Default: 32) |
| settingsminspareservers | string (Thread Pool Configuration) Minimum Spare Servers This dynamically adjusts the 'Number of Threads After Start'. If the RADIUS server has to handle many requests and less than 'Minimum Spare Servers' are left, the RADIUS server will increase the number of running threads. (Default: 3) |
| settingsmaxspareservers | string (Thread Pool Configuration) Maximum Spare Servers This dynamically adjusts the 'Number of Threads After Start'. If the RADIUS server has to handle few requests and more than 'Maximum Spare Servers' are left, the RADIUS server will decrease the number of running threads. (Default: 10) |
| settingsmaxqueuesize | string (Thread Pool Configuration) Server Packet Queue Size This is the queue size where the server stores packets before processing them. (Default: 65536) |
| settingsmaxrequestsperserver | string (Thread Pool Configuration) Maximum Requests Per Server You should only change this if you encounter memory leaks while running RADIUS. (Default: 0) |
| settingsmotpenable | boolean (Mobile-One-Time-Password Configuration) Mobile-One-Time-Password This enables the possibility to authenticate with username and one-time-password. The client used to generate OTP can be installed on various mobile device platforms like Android, iOS and others. (Default: Disabled) Enable Mobile-One-Time-Password Support |
| settingsmotptimespan | string (Mobile-One-Time-Password Configuration) OTP Lifetime The resulting lifetime (in seconds) is the value entered here multiplied by 10 (i.e., 1 ~ 10s, 2 ~ 20s, 3 ~30s). Values higher than 12 are not allowed for security reasons. (Default: 2) |
| settingsmotppasswordattempts | string (Mobile-One-Time-Password Configuration) Number of Invalid Password Attempts After this many failed attempts, the user will be locked out until an admin unlocks the user. Values higher than 20 are not allowed for security reasons. (Default: 5) |
| settingsmotpchecksumtype | string (Mobile-One-Time-Password Configuration) Hash Algorithm (md5, sha1, sha256) We build a hash of EPOCHTIME+INIT-SECRET+PIN and then use the digits as password. If some other (hardware) tokens use other hash types, you can adjust the calculation here. Note: This must be equal on both sides!(Default: md5) |
| settingsmotptokenlength | string (Mobile-One-Time-Password Configuration) Token Password Length We build a hash of EPOCHTIME+INIT-SECRET+PIN and then use the first 6 digits as password. If some other (hardware) tokens use other digits, you can adjust the used digits here. Note: This must be equal on both sides! (Default: 1-6) |
| settingsenablemacauth | boolean (Miscellaneous Configuration) Plain MAC Auth The Calling-Station-Id in an Access-Request is first checked against the authorized_macs list, before all other authorization methods. If the NAS is not able to convert the MAC address to the 802.1X format, this field can be enabled. Leave this disabled (unchecked) unless absolutely necessary. (Default: Disabled) Enable Plain MAC Authentication |
| settingsenableacctunique | boolean (Miscellaneous Configuration) Disable Acct_Unique If you encounter problems with some counters when using 'Amount of Download/Upload/Time', you can check this to disable the module. (Default: Enabled) Disable the "rlm_acct_unique" module in FreeRADIUS "preacct" section. |
{- "settingsmaxrequests": "string",
- "settingsmaxrequesttime": "string",
- "settingscleanupdelay": "string",
- "settingsallowcoredumps": "string",
- "settingsregularexpressions": "string",
- "settingsextendedexpressions": "string",
- "keep_settings": true,
- "settingslogdir": "string",
- "settingsauth": "string",
- "settingsauthbadpass": "string",
- "settingsauthbadpassmessage": "string",
- "settingsauthgoodpass": "string",
- "settingsauthgoodpassmessage": "string",
- "settingsstrippednames": "string",
- "settingshostnamelookups": "string",
- "settingsmaxattributes": "string",
- "settingsrejectdelay": "string",
- "settingsstartservers": "string",
- "settingsmaxservers": "string",
- "settingsminspareservers": "string",
- "settingsmaxspareservers": "string",
- "settingsmaxqueuesize": "string",
- "settingsmaxrequestsperserver": "string",
- "settingsmotpenable": true,
- "settingsmotptimespan": "string",
- "settingsmotppasswordattempts": "string",
- "settingsmotpchecksumtype": "string",
- "settingsmotptokenlength": "string",
- "settingsenablemacauth": true,
- "settingsenableacctunique": true
}{- "settingsmaxrequests": "string",
- "settingsmaxrequesttime": "string",
- "settingscleanupdelay": "string",
- "settingsallowcoredumps": "string",
- "settingsregularexpressions": "string",
- "settingsextendedexpressions": "string",
- "keep_settings": true,
- "settingslogdir": "string",
- "settingsauth": "string",
- "settingsauthbadpass": "string",
- "settingsauthbadpassmessage": "string",
- "settingsauthgoodpass": "string",
- "settingsauthgoodpassmessage": "string",
- "settingsstrippednames": "string",
- "settingshostnamelookups": "string",
- "settingsmaxattributes": "string",
- "settingsrejectdelay": "string",
- "settingsstartservers": "string",
- "settingsmaxservers": "string",
- "settingsminspareservers": "string",
- "settingsmaxspareservers": "string",
- "settingsmaxqueuesize": "string",
- "settingsmaxrequestsperserver": "string",
- "settingsmotpenable": true,
- "settingsmotptimespan": "string",
- "settingsmotppasswordattempts": "string",
- "settingsmotpchecksumtype": "string",
- "settingsmotptokenlength": "string",
- "settingsenablemacauth": true,
- "settingsenableacctunique": true
}{- "sqlconfincludeenable": true,
- "sqlconfenableauthorize": "string",
- "sqlconfenableaccounting": "string",
- "sqlconfenablesession": "string",
- "sqlconfenablepostauth": "string",
- "sqlconfdatabase": "string",
- "sqlconfserver": "string",
- "sqlconfport": "string",
- "sqlconflogin": "string",
- "sqlconfpassword": "string",
- "sqlconfradiusdb": "string",
- "sqlconfaccttable1": "string",
- "sqlconfaccttable2": "string",
- "sqlconfpostauthtable": "string",
- "sqlconfauthchecktable": "string",
- "sqlconfauthreplytable": "string",
- "sqlconfgroupchecktable": "string",
- "sqlconfgroupreplytable": "string",
- "sqlconfusergrouptable": "string",
- "sqlconfreadgroups": "string",
- "sqlconfdeletestalesessions": "string",
- "sqlconfsqltrace": "string",
- "sqlconfnumsqlsocks": "string",
- "sqlconfconnectfailureretrydelay": "string",
- "sqlconflifetime": "string",
- "sqlconfmaxqueries": "string",
- "sqlconfreadclients": "string",
- "sqlconfnastable": "string",
- "sqlconf2failover": "string",
- "sqlconf2includeenable": true,
- "sqlconf2enableauthorize": "string",
- "sqlconf2enableaccounting": "string",
- "sqlconf2enablesession": "string",
- "sqlconf2enablepostauth": "string",
- "sqlconf2database": "string",
- "sqlconf2server": "string",
- "sqlconf2port": "string",
- "sqlconf2login": "string",
- "sqlconf2password": "string",
- "sqlconf2radiusdb": "string",
- "sqlconf2accttable1": "string",
- "sqlconf2accttable2": "string",
- "sqlconf2postauthtable": "string",
- "sqlconf2authchecktable": "string",
- "sqlconf2authreplytable": "string",
- "sqlconf2groupchecktable": "string",
- "sqlconf2groupreplytable": "string",
- "sqlconf2usergrouptable": "string",
- "sqlconf2readgroups": "string",
- "sqlconf2deletestalesessions": "string",
- "sqlconf2sqltrace": "string",
- "sqlconf2numsqlsocks": "string",
- "sqlconf2connectfailureretrydelay": "string",
- "sqlconf2lifetime": "string",
- "sqlconf2maxqueries": "string",
- "sqlconf2readclients": "string",
- "sqlconf2nastable": "string"
}| sqlconfincludeenable | boolean (Enable SQL Database - Server 1) SQL Support Enable this to allow connections from FreeRADIUS to a SQL database. At least one of the following options must be enabled: Authorization, Accounting, Session, Post-Auth. (Default: Disabled) Enable SQL Support |
| sqlconfenableauthorize | string (Enable SQL Database - Server 1) Enable SQL Authorization (Disable, Enable) Enable this if usernames and passwords are stored on a SQL database. SQL support must be enabled for this to work. (Default: Disable) |
| sqlconfenableaccounting | string (Enable SQL Database - Server 1) Enable SQL Accounting (Disable, Enable) Enable this if accounting packets should be logged to a SQL database. SQL support must be enabled for this to work. (Default: Disable) |
| sqlconfenablesession | string (Enable SQL Database - Server 1) Enable SQL Session (Disable, Enable) Enable this to use the "rlm_sql" module (fast) to check for simultaneous connections instead of "radutmp" (slow). SQL support must be enabled for this to work. (Default: Disable) |
| sqlconfenablepostauth | string (Enable SQL Database - Server 1) Enable SQL Post-Auth (Disable, Enable) Enable this if you like to store post-authentication data on a SQL database. SQL support must be enabled for this to work. (Default: Disable) |
| sqlconfdatabase | string (SQL Database Configuration - Server 1) Database Type (mysql, postgresql) Choose the database type. (Default: MySQL) |
| sqlconfserver | string (SQL Database Configuration - Server 1) Server Address Database server FQDN or IP address. (Default: localhost) |
| sqlconfport | string (SQL Database Configuration - Server 1) Server Port Enter the port of the database server. (Default: 3306) |
| sqlconflogin | string (SQL Database Configuration - Server 1) Database Username Enter the username for the database server. (Default: radius) |
| sqlconfpassword | string (SQL Database Configuration - Server 1) Database Password Enter the password for the database server user. (Default: radpass) |
| sqlconfradiusdb | string (SQL Database Configuration - Server 1) Database Table Configuration Choose database table configuration. Click Info for details. (Default: radius)
(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=your_sid))) |
| sqlconfaccttable1 | string (SQL Database Configuration - Server 1) Accounting Table 1 (Start) This is the accounting "Start" table. Choose the same name for both if you want to log "Start" and "Stop" to the same table. (Default: radacct) |
| sqlconfaccttable2 | string (SQL Database Configuration - Server 1) Accounting Table 2 (Stop) This is the accounting "Stop" table. Choose the same name for both if you want to log "Start" and "Stop" to the same table. (Default: radacct) |
| sqlconfpostauthtable | string (SQL Database Configuration - Server 1) Post Auth Table Choose Post Auth Table. (Default: radpostauth) |
| sqlconfauthchecktable | string (SQL Database Configuration - Server 1) Auth Check Table Choose Auth Check Table. (Default: radcheck) |
| sqlconfauthreplytable | string (SQL Database Configuration - Server 1) Auth Reply Table Choose Auth Reply Table. (Default: radreply) |
| sqlconfgroupchecktable | string (SQL Database Configuration - Server 1) Group Check Table Choose Group Check Table. (Default: radgroupcheck) |
| sqlconfgroupreplytable | string (SQL Database Configuration - Server 1) Group Reply Table Choose Group Reply Table. (Default: radgroupreply) |
| sqlconfusergrouptable | string (SQL Database Configuration - Server 1) User Group Table Choose User Group Table. (Default: radusergroup) |
| sqlconfreadgroups | string (SQL Database Configuration - Server 1) Read the Group Tables (yes, no) If set to 'Yes', the group tables will be read. If set to 'No', the user must have Fall-Through = Yes in the radreply table. (Default: Yes) |
| sqlconfdeletestalesessions | string (SQL Database Configuration - Server 1) Delete Stale Sessions (yes, no) Remove stale session if checkrad does not see a double login. (Default: Yes) |
| sqlconfsqltrace | string (SQL Database Configuration - Server 1) Print all SQL Statements (yes, no) Print all SQL statements when in debug mode. (Default: No) |
| sqlconfnumsqlsocks | string (SQL Database Configuration - Server 1) Number of SQL Connections Number of SQL connections to make to the server. (Default: 5) |
| sqlconfconnectfailureretrydelay | string (SQL Database Configuration - Server 1) Failed Database Connection Delay Number of seconds before a retry after a failed database connection. (Default: 60) |
| sqlconflifetime | string (SQL Database Configuration - Server 1) SQL Socket Lifetime If you have network issues, such as TCP sessions expiring, you may need to set the socket lifetime. If set to non-zero, any open connections will be closed X seconds after they were first opened. (Default: 0) |
| sqlconfmaxqueries | string (SQL Database Configuration - Server 1) SQL Socket Maximum Queries If you have issues with SQL sockets lasting too long, you can limit the number of queries performed over one socket. After set number of queries, the socket will be closed. Use 0 for no limit. (Default: 0) |
| sqlconfreadclients | string (SQL Database Configuration - Server 1) Read Clients from Database (yes, no) Set to 'Yes' to read RADIUS clients from the database 'nas' table. Clients will only be read on server startup. (Default: Yes) |
| sqlconfnastable | string (SQL Database Configuration - Server 1) RADIUS Client Table Choose the table to keep RADIUS client info. (Default: nas) |
| sqlconf2failover | string (Enable Redundant SQL Database Support) Choose Failover/Load Balancing Mode (redundant, load-balance, redundant-load-balance) Choose the interaction of the two SQL databases. Click Info for details. (Default: Redundant)
|
| sqlconf2includeenable | boolean (Enable SQL Database - Server 2) SQL Support Enable this to allow connections from FreeRADIUS to a SQL database. At least one of the following options must be enabled: Authorization, Accounting, Session, Post-Auth. (Default: Disabled) Enable SQL Support (Default: unchecked) |
| sqlconf2enableauthorize | string (Enable SQL Database - Server 2) Enable SQL Authorization (Disable, Enable) Enable this if usernames and passwords are stored on a SQL database. SQL support must be enabled for this to work. (Default: Disable) |
| sqlconf2enableaccounting | string (Enable SQL Database - Server 2) Enable SQL Accounting (Disable, Enable) Enable this if accounting packets should be logged to a SQL database. SQL support must be enabled for this to work. (Default: Disable) |
| sqlconf2enablesession | string (Enable SQL Database - Server 2) Enable SQL Session (Disable, Enable) Enable this to use the "rlm_sql" module (fast) to check for simultaneous connections instead of "radutmp" (slow). SQL support must be enabled for this to work. (Default: Disable) |
| sqlconf2enablepostauth | string (Enable SQL Database - Server 2) Enable SQL Post-Auth (Disable, Enable) Enable this if you like to store post-authentication data on a SQL database. SQL support must be enabled for this to work. (Default: Disable) |
| sqlconf2database | string (SQL Database Configuration - Server 2) Database Type (mysql, postgresql) Choose the database type. (Default: MySQL) |
| sqlconf2server | string (SQL Database Configuration - Server 2) Server Address Database server FQDN or IP address. (Default: localhost) |
| sqlconf2port | string (SQL Database Configuration - Server 2) Server Port Enter the port of the database server. (Default: 3306) |
| sqlconf2login | string (SQL Database Configuration - Server 2) Database Username Enter the username for the database server. (Default: radius) |
| sqlconf2password | string (SQL Database Configuration - Server 2) Database Password Enter the password for the database server user. (Default: radpass) |
| sqlconf2radiusdb | string (SQL Database Configuration - Server 2) Database Table Configuration Choose database table configuration. Click Info for details. (Default: radius)
(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=your_sid))) |
| sqlconf2accttable1 | string (SQL Database Configuration - Server 2) Accounting Table 1 (Start) This is the accounting "Start" table. Choose the same name for both if you want to log "Start" and "Stop" to the same table. (Default: radacct) |
| sqlconf2accttable2 | string (SQL Database Configuration - Server 2) Accounting Table 2 (Stop) This is the accounting "Stop" table. Choose the same name for both if you want to log "Start" and "Stop" to the same table. (Default: radacct) |
| sqlconf2postauthtable | string (SQL Database Configuration - Server 2) Post Auth Table Choose Post Auth Table. (Default: radpostauth) |
| sqlconf2authchecktable | string (SQL Database Configuration - Server 2) Auth Check Table Choose Auth Check Table. (Default: radcheck) |
| sqlconf2authreplytable | string (SQL Database Configuration - Server 2) Auth Reply Table Choose Auth Reply Table. (Default: radreply) |
| sqlconf2groupchecktable | string (SQL Database Configuration - Server 2) Group Check Table Choose Group Check Table. (Default: radgroupcheck) |
| sqlconf2groupreplytable | string (SQL Database Configuration - Server 2) Group Reply Table Choose Group Reply Table. (Default: radgroupreply) |
| sqlconf2usergrouptable | string (SQL Database Configuration - Server 2) User Group Table Choose User Group Table. (Default: radusergroup) |
| sqlconf2readgroups | string (SQL Database Configuration - Server 2) Read the Group Tables (yes, no) If set to 'Yes', the group tables will be read. If set to 'No', the user must have Fall-Through = Yes in the radreply table. (Default: Yes) |
| sqlconf2deletestalesessions | string (SQL Database Configuration - Server 2) Delete Stale Sessions (yes, no) Remove stale session if checkrad does not see a double login. (Default: Yes) |
| sqlconf2sqltrace | string (SQL Database Configuration - Server 2) Print all SQL Statements (yes, no) Print all SQL statements when in debug mode. (Default: No) |
| sqlconf2numsqlsocks | string (SQL Database Configuration - Server 2) Number of SQL Connections Number of SQL connections to make to the server. (Default: 5) |
| sqlconf2connectfailureretrydelay | string (SQL Database Configuration - Server 2) Failed Database Connection Delay Number of seconds before a retry after a failed database connection. (Default: 60) |
| sqlconf2lifetime | string (SQL Database Configuration - Server 2) SQL Socket Lifetime If you have network issues, such as TCP sessions expiring, you may need to set the socket lifetime. If set to non-zero, any open connections will be closed X seconds after they were first opened. (Default: 0) |
| sqlconf2maxqueries | string (SQL Database Configuration - Server 2) SQL Socket Maximum Queries If you have issues with SQL sockets lasting too long, you can limit the number of queries performed over one socket. After set number of queries, the socket will be closed. Use 0 for no limit. (Default: 0) |
| sqlconf2readclients | string (SQL Database Configuration - Server 2) Read Clients from Database (yes, no) Set to 'Yes' to read RADIUS clients from the database 'nas' table. Clients will only be read on server startup. (Default: Yes) |
| sqlconf2nastable | string (SQL Database Configuration - Server 2) RADIUS Client Table Choose the table to keep RADIUS client info. (Default: nas) |
{- "sqlconfincludeenable": true,
- "sqlconfenableauthorize": "string",
- "sqlconfenableaccounting": "string",
- "sqlconfenablesession": "string",
- "sqlconfenablepostauth": "string",
- "sqlconfdatabase": "string",
- "sqlconfserver": "string",
- "sqlconfport": "string",
- "sqlconflogin": "string",
- "sqlconfpassword": "string",
- "sqlconfradiusdb": "string",
- "sqlconfaccttable1": "string",
- "sqlconfaccttable2": "string",
- "sqlconfpostauthtable": "string",
- "sqlconfauthchecktable": "string",
- "sqlconfauthreplytable": "string",
- "sqlconfgroupchecktable": "string",
- "sqlconfgroupreplytable": "string",
- "sqlconfusergrouptable": "string",
- "sqlconfreadgroups": "string",
- "sqlconfdeletestalesessions": "string",
- "sqlconfsqltrace": "string",
- "sqlconfnumsqlsocks": "string",
- "sqlconfconnectfailureretrydelay": "string",
- "sqlconflifetime": "string",
- "sqlconfmaxqueries": "string",
- "sqlconfreadclients": "string",
- "sqlconfnastable": "string",
- "sqlconf2failover": "string",
- "sqlconf2includeenable": true,
- "sqlconf2enableauthorize": "string",
- "sqlconf2enableaccounting": "string",
- "sqlconf2enablesession": "string",
- "sqlconf2enablepostauth": "string",
- "sqlconf2database": "string",
- "sqlconf2server": "string",
- "sqlconf2port": "string",
- "sqlconf2login": "string",
- "sqlconf2password": "string",
- "sqlconf2radiusdb": "string",
- "sqlconf2accttable1": "string",
- "sqlconf2accttable2": "string",
- "sqlconf2postauthtable": "string",
- "sqlconf2authchecktable": "string",
- "sqlconf2authreplytable": "string",
- "sqlconf2groupchecktable": "string",
- "sqlconf2groupreplytable": "string",
- "sqlconf2usergrouptable": "string",
- "sqlconf2readgroups": "string",
- "sqlconf2deletestalesessions": "string",
- "sqlconf2sqltrace": "string",
- "sqlconf2numsqlsocks": "string",
- "sqlconf2connectfailureretrydelay": "string",
- "sqlconf2lifetime": "string",
- "sqlconf2maxqueries": "string",
- "sqlconf2readclients": "string",
- "sqlconf2nastable": "string"
}{- "sqlconfincludeenable": true,
- "sqlconfenableauthorize": "string",
- "sqlconfenableaccounting": "string",
- "sqlconfenablesession": "string",
- "sqlconfenablepostauth": "string",
- "sqlconfdatabase": "string",
- "sqlconfserver": "string",
- "sqlconfport": "string",
- "sqlconflogin": "string",
- "sqlconfpassword": "string",
- "sqlconfradiusdb": "string",
- "sqlconfaccttable1": "string",
- "sqlconfaccttable2": "string",
- "sqlconfpostauthtable": "string",
- "sqlconfauthchecktable": "string",
- "sqlconfauthreplytable": "string",
- "sqlconfgroupchecktable": "string",
- "sqlconfgroupreplytable": "string",
- "sqlconfusergrouptable": "string",
- "sqlconfreadgroups": "string",
- "sqlconfdeletestalesessions": "string",
- "sqlconfsqltrace": "string",
- "sqlconfnumsqlsocks": "string",
- "sqlconfconnectfailureretrydelay": "string",
- "sqlconflifetime": "string",
- "sqlconfmaxqueries": "string",
- "sqlconfreadclients": "string",
- "sqlconfnastable": "string",
- "sqlconf2failover": "string",
- "sqlconf2includeenable": true,
- "sqlconf2enableauthorize": "string",
- "sqlconf2enableaccounting": "string",
- "sqlconf2enablesession": "string",
- "sqlconf2enablepostauth": "string",
- "sqlconf2database": "string",
- "sqlconf2server": "string",
- "sqlconf2port": "string",
- "sqlconf2login": "string",
- "sqlconf2password": "string",
- "sqlconf2radiusdb": "string",
- "sqlconf2accttable1": "string",
- "sqlconf2accttable2": "string",
- "sqlconf2postauthtable": "string",
- "sqlconf2authchecktable": "string",
- "sqlconf2authreplytable": "string",
- "sqlconf2groupchecktable": "string",
- "sqlconf2groupreplytable": "string",
- "sqlconf2usergrouptable": "string",
- "sqlconf2readgroups": "string",
- "sqlconf2deletestalesessions": "string",
- "sqlconf2sqltrace": "string",
- "sqlconf2numsqlsocks": "string",
- "sqlconf2connectfailureretrydelay": "string",
- "sqlconf2lifetime": "string",
- "sqlconf2maxqueries": "string",
- "sqlconf2readclients": "string",
- "sqlconf2nastable": "string"
}{- "syncenablexmlrpc": "string",
- "synctimeout": "string",
- "row": [
- {
- "syncdestinenable": "string",
- "syncprotocol": "string",
- "syncipaddress": "string",
- "syncport": "string",
- "syncusername": "string",
- "syncpassword": "string"
}
]
}| syncenablexmlrpc | string (FreeRADIUS XMLRPC Sync) Enable Sync (auto, manual, disabled) Select a sync method for FreeRADIUS. Important: While using "Sync to host(s) defined below", only sync from host A to B, A to C but do not enable XMLRPC sync to A. This will result in a loop! |
| synctimeout | string (FreeRADIUS XMLRPC Sync) XMLRPC timeout Timeout in seconds for the XMLRPC timeout. Default: 150 |
Array of objects (FreeradiussyncRow) |
{- "syncenablexmlrpc": "string",
- "synctimeout": "string",
- "row": [
- {
- "syncdestinenable": "string",
- "syncprotocol": "string",
- "syncipaddress": "string",
- "syncport": "string",
- "syncusername": "string",
- "syncpassword": "string"
}
]
}{- "syncenablexmlrpc": "string",
- "synctimeout": "string",
- "row": [
- {
- "syncdestinenable": "string",
- "syncprotocol": "string",
- "syncipaddress": "string",
- "syncport": "string",
- "syncusername": "string",
- "syncpassword": "string"
}
]
}{- "users": [
- {
- "usersusername": "string",
- "userspassword": "string",
- "userspasswordencryption": "string",
- "usersmotpenable": true,
- "usersauthmethod": "string",
- "usersmotpinitsecret": "string",
- "usersmotppin": "string",
- "usersmotpoffset": "string",
- "userswisprredirectionurl": "string",
- "userssimultaneousconnect": "string",
- "description": "string",
- "usersframedipaddress": "string",
- "usersframedipnetmask": "string",
- "usersframedroute": "string",
- "usersframedip6address": "string",
- "usersframedip6route": "string",
- "usersvlanid": "string",
- "usersexpiration": "string",
- "userssessiontimeout": "string",
- "userslogintime": "string",
- "usersamountoftime": "string",
- "userspointoftime": "string",
- "usersmaxtotaloctets": "string",
- "usersmaxtotaloctetstimerange": "string",
- "usersmaxbandwidthdown": "string",
- "usersmaxbandwidthup": "string",
- "usersacctinteriminterval": "string",
- "userstopadditionaloptions": "string",
- "userscheckitemsadditionaloptions": "string",
- "usersreplyitemsadditionaloptions": "string",
- "id": "string"
}
]
}| usersusername | string (General Configuration) Username Enter the username. Whitespace is allowed. Note: May only contain a-z, A-Z, 0-9, underscore, period and hyphen when using OTP. |
| userspassword | string (General Configuration) Password Enter the password for this username. Leave empty if you want to use custom options (such as OTP) instead of username/password. |
| userspasswordencryption | string (General Configuration) Password Encryption (Cleartext-Password, MD5-Password, MD5-Password-hashed, NT-Password-hashed) Select the password encryption for this user. If the (pre-hashed) options are used, the password should already be hashed by the expected hash function. Note that not all authentication protocols are compatible with all types of hashed passwords. Default: Cleartext-Password |
| usersmotpenable | boolean (One-Time Password Configuration) One-Time Password This enables the possibility to authenticate with username and one-time-password. The client used to generate OTP can be installed on various mobile device platforms like Android, iOS and others. (Default: unchecked) IMPORTANT: For MOTP, mOTP must be enabled at FreeRADIUS > Settings. The RADIUS NAS / Client must use PAP, otherwise the authenticator script cannot use the authentication data. Enable One-Time Password (OTP) for this user |
| usersauthmethod | string (One-Time Password Configuration) OTP Auth Method (motp, googleauth) Select the OTP authentication method for this user. Default: mOTP |
| usersmotpinitsecret | string (One-Time Password Configuration) Init-Secret This is the generated init secret you get when you initialize the token for the first time on a client (mobile device). Note: For mOTP this may only contain 0-9 and a-f. For Google Authenticator, it must be A-Z and 2-7. Must contain at least 16 characters. |
| usersmotppin | string (One-Time Password Configuration) PIN This is the PIN the user has to enter on his mobile device to generate a one-time-password. For Google Authenticator, the user must prepend this PIN to the one-time password generated by the authenticator when logging in (e.g. OTP code "990990", user enters "1234990990" as the password). May only contain a PIN consisting of 4-8 digits. Normally 4 digits are used. |
| usersmotpoffset | string (One-Time Password Configuration) Time Offset If the client is not in the correct time zone or is not changing time zone automatically, you have to calculate the offset and enter it here. (Default: 0). Click Info for details. To calculate the time offset, do the following:
|
| userswisprredirectionurl | string (Miscellaneous Configuration) Redirection URL Enter the URL the user should be redirected to after successful login. Example: http://www.google.com |
| userssimultaneousconnect | string (Miscellaneous Configuration) Number of Simultaneous Connections The maximum of simultaneous connections with this username. Leave empty for no limit. If using FreeRADIUS with Captive Portal you should leave this empty. Read the documentation! |
| description | string (Miscellaneous Configuration) Description Enter any description for this user you like. |
| usersframedipaddress | string (IPv4 Network Configuration) IPv4 Address Framed-IP-Address must be supported by NAS. Click Info for details. IMPORTANT: You must enter an IPv4 address here if you checked "RADIUS issued IP" on PPPoE VPN configuration. |
| usersframedipnetmask | string (IPv4 Network Configuration) Subnet Mask Framed-IP-Netmask must be supported by NAS. Example: 255.255.255.0 |
| usersframedroute | string (IPv4 Network Configuration) IPv4 Gateway Framed-Route must be supported by NAS. Required format: Subnet Gateway Metric(s) (e.g. 192.168.10.0/24 192.168.10.1 1) |
| usersframedip6address | string (IPv6 Network Configuration) IPv6 Address When the IPv6 prefix part is empty it uses Framed-IPv6-Address. When the prefix part is filled in, it uses Framed-IPv6-Prefix. Example: 2001:db8:abab::5 or 2001:db8:abab::/64 |
| usersframedip6route | string (IPv6 Network Configuration) IPv6 Gateway Framed-IPv6-Route must be supported by NAS. Required format: Prefix Gateway Metric(s) (e.g. 2001:db8:0:16::/64 2001:db8::16:a0:20ff:fe99:a998 1) |
| usersvlanid | string (VLAN Configuration) VLAN ID Enter the VLAN ID (integer from 1-4095) or the VLAN name that this username should be assigned to. Must be supported by the NAS. Click Info for details. This setting can be used for a NAS that supports the following RADIUS parameters:
|
| usersexpiration | string (Time Configuration) Expiration Date Enter the date when this account should expire. Required format: Mmm dd yyyy (e.g. Jan 01 2012) |
| userssessiontimeout | string (Time Configuration) Session Timeout Enter the time this user has until relogin (in seconds). |
| userslogintime | string (Time Configuration) Possible Login Times Enter the time when this user should have access. "Always" if no time is entered. Click Info for details. Each simple time string must begin with a day definition. That can be just one day, multiple days, or a range of days separated by a hyphen. A day is Mo, Tu, We, Th, Fr, Sa or Su, or Wk for Mo-Fr. Any or Al means all days. After that, a range of hours follows in hhmm-hhmm format. A time string may be a list of simple time strings separated by , Example: Wk0855-2305,Sa,Su2230-0230 - weekdays after 8:55 AM and before 11:05 PM | any time on Saturday | Sunday after 10:30 PM and before 02:30 AM. |
| usersamountoftime | string (Time Configuration) Amount of Time Enter the amount of time for this username (in minutes). |
| userspointoftime | string (Time Configuration) Time Period (Daily, Weekly, Monthly, Forever) Select the time period after which the 'Amount of Time' is reset. |
| usersmaxtotaloctets | string (Traffic and Bandwidth) Amount of Download and Upload Traffic Enter the amount of download and upload traffic (summarized) in megabytes (MB) for this user. IMPORTANT: If using captive portal without periodic reauthentication enabled, this value must not exceed 4095 due to protocol limitations communicating this value to the captive portal via the 32 bit unsigned pfSense-Max-Total-Octets attribute. |
| usersmaxtotaloctetstimerange | string (Traffic and Bandwidth) Time Period (daily, weekly, monthly, forever) Select the time period for the amount of download and upload traffic. This does not automatically reset the counter. You need to setup a cronjob (with cron package) which will reset the counter. Read the documentation! |
| usersmaxbandwidthdown | string (Traffic and Bandwidth) Maximum Bandwidth Down Enter the maximum bandwidth for download in kilobits (1000 bits) per second (Kbit/s). |
| usersmaxbandwidthup | string (Traffic and Bandwidth) Maximum Bandwidth Up Enter the maximum bandwidth for upload in kilobits (1000 bits) per second (Kbit/s). |
| usersacctinteriminterval | string (Traffic and Bandwidth) Accounting Interim Interval Enter the interval in seconds which should elapse between interim-updates. It must be more than 60s and should not be less than 600s. (Default: 600) |
| userstopadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes on the TOP of this entry This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this user account. If required by syntax, you must use quotes and commas. Use a vertical bar | to put a command on a new line. Example: DEFAULT Auth-Type = System IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > Users). |
| userscheckitemsadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes (CHECK-ITEM) This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this user account. If required by syntax, you must use quotes and commas. Use a vertical bar | to put a command on a new line. Example: Max-Daily-Session := 36000 IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > Users). |
| usersreplyitemsadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes (REPLY-ITEM) This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this user account. If required by syntax, you must use quotes and commas. Use a vertical bar | to put a command on a new line. Example: Service-Type == Login-User,|Login-Service == Telnet,|Login-IP-Host == 192.168.1.2 IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > Users). |
| id | string (readonly) ID assigned to this entry |
{- "usersusername": "string",
- "userspassword": "string",
- "userspasswordencryption": "string",
- "usersmotpenable": true,
- "usersauthmethod": "string",
- "usersmotpinitsecret": "string",
- "usersmotppin": "string",
- "usersmotpoffset": "string",
- "userswisprredirectionurl": "string",
- "userssimultaneousconnect": "string",
- "description": "string",
- "usersframedipaddress": "string",
- "usersframedipnetmask": "string",
- "usersframedroute": "string",
- "usersframedip6address": "string",
- "usersframedip6route": "string",
- "usersvlanid": "string",
- "usersexpiration": "string",
- "userssessiontimeout": "string",
- "userslogintime": "string",
- "usersamountoftime": "string",
- "userspointoftime": "string",
- "usersmaxtotaloctets": "string",
- "usersmaxtotaloctetstimerange": "string",
- "usersmaxbandwidthdown": "string",
- "usersmaxbandwidthup": "string",
- "usersacctinteriminterval": "string",
- "userstopadditionaloptions": "string",
- "userscheckitemsadditionaloptions": "string",
- "usersreplyitemsadditionaloptions": "string",
- "id": "string"
}{- "usersusername": "string",
- "userspassword": "string",
- "userspasswordencryption": "string",
- "usersmotpenable": true,
- "usersauthmethod": "string",
- "usersmotpinitsecret": "string",
- "usersmotppin": "string",
- "usersmotpoffset": "string",
- "userswisprredirectionurl": "string",
- "userssimultaneousconnect": "string",
- "description": "string",
- "usersframedipaddress": "string",
- "usersframedipnetmask": "string",
- "usersframedroute": "string",
- "usersframedip6address": "string",
- "usersframedip6route": "string",
- "usersvlanid": "string",
- "usersexpiration": "string",
- "userssessiontimeout": "string",
- "userslogintime": "string",
- "usersamountoftime": "string",
- "userspointoftime": "string",
- "usersmaxtotaloctets": "string",
- "usersmaxtotaloctetstimerange": "string",
- "usersmaxbandwidthdown": "string",
- "usersmaxbandwidthup": "string",
- "usersacctinteriminterval": "string",
- "userstopadditionaloptions": "string",
- "userscheckitemsadditionaloptions": "string",
- "usersreplyitemsadditionaloptions": "string",
- "id": "string"
}| id required | string |
| usersusername | string (General Configuration) Username Enter the username. Whitespace is allowed. Note: May only contain a-z, A-Z, 0-9, underscore, period and hyphen when using OTP. |
| userspassword | string (General Configuration) Password Enter the password for this username. Leave empty if you want to use custom options (such as OTP) instead of username/password. |
| userspasswordencryption | string (General Configuration) Password Encryption (Cleartext-Password, MD5-Password, MD5-Password-hashed, NT-Password-hashed) Select the password encryption for this user. If the (pre-hashed) options are used, the password should already be hashed by the expected hash function. Note that not all authentication protocols are compatible with all types of hashed passwords. Default: Cleartext-Password |
| usersmotpenable | boolean (One-Time Password Configuration) One-Time Password This enables the possibility to authenticate with username and one-time-password. The client used to generate OTP can be installed on various mobile device platforms like Android, iOS and others. (Default: unchecked) IMPORTANT: For MOTP, mOTP must be enabled at FreeRADIUS > Settings. The RADIUS NAS / Client must use PAP, otherwise the authenticator script cannot use the authentication data. Enable One-Time Password (OTP) for this user |
| usersauthmethod | string (One-Time Password Configuration) OTP Auth Method (motp, googleauth) Select the OTP authentication method for this user. Default: mOTP |
| usersmotpinitsecret | string (One-Time Password Configuration) Init-Secret This is the generated init secret you get when you initialize the token for the first time on a client (mobile device). Note: For mOTP this may only contain 0-9 and a-f. For Google Authenticator, it must be A-Z and 2-7. Must contain at least 16 characters. |
| usersmotppin | string (One-Time Password Configuration) PIN This is the PIN the user has to enter on his mobile device to generate a one-time-password. For Google Authenticator, the user must prepend this PIN to the one-time password generated by the authenticator when logging in (e.g. OTP code "990990", user enters "1234990990" as the password). May only contain a PIN consisting of 4-8 digits. Normally 4 digits are used. |
| usersmotpoffset | string (One-Time Password Configuration) Time Offset If the client is not in the correct time zone or is not changing time zone automatically, you have to calculate the offset and enter it here. (Default: 0). Click Info for details. To calculate the time offset, do the following:
|
| userswisprredirectionurl | string (Miscellaneous Configuration) Redirection URL Enter the URL the user should be redirected to after successful login. Example: http://www.google.com |
| userssimultaneousconnect | string (Miscellaneous Configuration) Number of Simultaneous Connections The maximum of simultaneous connections with this username. Leave empty for no limit. If using FreeRADIUS with Captive Portal you should leave this empty. Read the documentation! |
| description | string (Miscellaneous Configuration) Description Enter any description for this user you like. |
| usersframedipaddress | string (IPv4 Network Configuration) IPv4 Address Framed-IP-Address must be supported by NAS. Click Info for details. IMPORTANT: You must enter an IPv4 address here if you checked "RADIUS issued IP" on PPPoE VPN configuration. |
| usersframedipnetmask | string (IPv4 Network Configuration) Subnet Mask Framed-IP-Netmask must be supported by NAS. Example: 255.255.255.0 |
| usersframedroute | string (IPv4 Network Configuration) IPv4 Gateway Framed-Route must be supported by NAS. Required format: Subnet Gateway Metric(s) (e.g. 192.168.10.0/24 192.168.10.1 1) |
| usersframedip6address | string (IPv6 Network Configuration) IPv6 Address When the IPv6 prefix part is empty it uses Framed-IPv6-Address. When the prefix part is filled in, it uses Framed-IPv6-Prefix. Example: 2001:db8:abab::5 or 2001:db8:abab::/64 |
| usersframedip6route | string (IPv6 Network Configuration) IPv6 Gateway Framed-IPv6-Route must be supported by NAS. Required format: Prefix Gateway Metric(s) (e.g. 2001:db8:0:16::/64 2001:db8::16:a0:20ff:fe99:a998 1) |
| usersvlanid | string (VLAN Configuration) VLAN ID Enter the VLAN ID (integer from 1-4095) or the VLAN name that this username should be assigned to. Must be supported by the NAS. Click Info for details. This setting can be used for a NAS that supports the following RADIUS parameters:
|
| usersexpiration | string (Time Configuration) Expiration Date Enter the date when this account should expire. Required format: Mmm dd yyyy (e.g. Jan 01 2012) |
| userssessiontimeout | string (Time Configuration) Session Timeout Enter the time this user has until relogin (in seconds). |
| userslogintime | string (Time Configuration) Possible Login Times Enter the time when this user should have access. "Always" if no time is entered. Click Info for details. Each simple time string must begin with a day definition. That can be just one day, multiple days, or a range of days separated by a hyphen. A day is Mo, Tu, We, Th, Fr, Sa or Su, or Wk for Mo-Fr. Any or Al means all days. After that, a range of hours follows in hhmm-hhmm format. A time string may be a list of simple time strings separated by , Example: Wk0855-2305,Sa,Su2230-0230 - weekdays after 8:55 AM and before 11:05 PM | any time on Saturday | Sunday after 10:30 PM and before 02:30 AM. |
| usersamountoftime | string (Time Configuration) Amount of Time Enter the amount of time for this username (in minutes). |
| userspointoftime | string (Time Configuration) Time Period (Daily, Weekly, Monthly, Forever) Select the time period after which the 'Amount of Time' is reset. |
| usersmaxtotaloctets | string (Traffic and Bandwidth) Amount of Download and Upload Traffic Enter the amount of download and upload traffic (summarized) in megabytes (MB) for this user. IMPORTANT: If using captive portal without periodic reauthentication enabled, this value must not exceed 4095 due to protocol limitations communicating this value to the captive portal via the 32 bit unsigned pfSense-Max-Total-Octets attribute. |
| usersmaxtotaloctetstimerange | string (Traffic and Bandwidth) Time Period (daily, weekly, monthly, forever) Select the time period for the amount of download and upload traffic. This does not automatically reset the counter. You need to setup a cronjob (with cron package) which will reset the counter. Read the documentation! |
| usersmaxbandwidthdown | string (Traffic and Bandwidth) Maximum Bandwidth Down Enter the maximum bandwidth for download in kilobits (1000 bits) per second (Kbit/s). |
| usersmaxbandwidthup | string (Traffic and Bandwidth) Maximum Bandwidth Up Enter the maximum bandwidth for upload in kilobits (1000 bits) per second (Kbit/s). |
| usersacctinteriminterval | string (Traffic and Bandwidth) Accounting Interim Interval Enter the interval in seconds which should elapse between interim-updates. It must be more than 60s and should not be less than 600s. (Default: 600) |
| userstopadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes on the TOP of this entry This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this user account. If required by syntax, you must use quotes and commas. Use a vertical bar | to put a command on a new line. Example: DEFAULT Auth-Type = System IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > Users). |
| userscheckitemsadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes (CHECK-ITEM) This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this user account. If required by syntax, you must use quotes and commas. Use a vertical bar | to put a command on a new line. Example: Max-Daily-Session := 36000 IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > Users). |
| usersreplyitemsadditionaloptions | string (Advanced Configuration) Additional RADIUS Attributes (REPLY-ITEM) This is for experts only and should be treated with care! Click Info for details. You may append custom RADIUS options to this user account. If required by syntax, you must use quotes and commas. Use a vertical bar | to put a command on a new line. Example: Service-Type == Login-User,|Login-Service == Telnet,|Login-IP-Host == 192.168.1.2 IMPORTANT: If you don't format this field correctly, FreeRADIUS will not start because of syntax errors. Verify your changes by checking the authorized_macs file (View config > Users). |
| id | string (readonly) ID assigned to this entry |
{- "usersusername": "string",
- "userspassword": "string",
- "userspasswordencryption": "string",
- "usersmotpenable": true,
- "usersauthmethod": "string",
- "usersmotpinitsecret": "string",
- "usersmotppin": "string",
- "usersmotpoffset": "string",
- "userswisprredirectionurl": "string",
- "userssimultaneousconnect": "string",
- "description": "string",
- "usersframedipaddress": "string",
- "usersframedipnetmask": "string",
- "usersframedroute": "string",
- "usersframedip6address": "string",
- "usersframedip6route": "string",
- "usersvlanid": "string",
- "usersexpiration": "string",
- "userssessiontimeout": "string",
- "userslogintime": "string",
- "usersamountoftime": "string",
- "userspointoftime": "string",
- "usersmaxtotaloctets": "string",
- "usersmaxtotaloctetstimerange": "string",
- "usersmaxbandwidthdown": "string",
- "usersmaxbandwidthup": "string",
- "usersacctinteriminterval": "string",
- "userstopadditionaloptions": "string",
- "userscheckitemsadditionaloptions": "string",
- "usersreplyitemsadditionaloptions": "string",
- "id": "string"
}{- "usersusername": "string",
- "userspassword": "string",
- "userspasswordencryption": "string",
- "usersmotpenable": true,
- "usersauthmethod": "string",
- "usersmotpinitsecret": "string",
- "usersmotppin": "string",
- "usersmotpoffset": "string",
- "userswisprredirectionurl": "string",
- "userssimultaneousconnect": "string",
- "description": "string",
- "usersframedipaddress": "string",
- "usersframedipnetmask": "string",
- "usersframedroute": "string",
- "usersframedip6address": "string",
- "usersframedip6route": "string",
- "usersvlanid": "string",
- "usersexpiration": "string",
- "userssessiontimeout": "string",
- "userslogintime": "string",
- "usersamountoftime": "string",
- "userspointoftime": "string",
- "usersmaxtotaloctets": "string",
- "usersmaxtotaloctetstimerange": "string",
- "usersmaxbandwidthdown": "string",
- "usersmaxbandwidthup": "string",
- "usersacctinteriminterval": "string",
- "userstopadditionaloptions": "string",
- "userscheckitemsadditionaloptions": "string",
- "usersreplyitemsadditionaloptions": "string",
- "id": "string"
}{- "enable": true,
- "routerid": "string",
- "password": "string",
- "passwordencrypt": true,
- "ignoreipsecrestart": true,
- "carpstatusvid": "string",
- "logging": true,
- "pkgloglevel": "string",
- "enablesnmpagentx": true,
- "row": [
- {
- "acceptfilter": "string",
- "nullroute": "string",
- "routevalue": "string",
- "routetarget": "string"
}
], - "nht": "string",
- "carpstatusvid_options": [
- {
- "value": "string",
- "text": "string"
}
], - "routetarget_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| enable | boolean Enable Enable FRR |
| routerid | string Default Router ID Specify the default Router ID. RID is the highest logical (loopback) IP address configured on a router. For more information on router identifiers see http://en.wikipedia.org/wiki/Open_Shortest_Path_First. Per-daemon configuration will take precedence over this setting. |
| password | string Master Password Password to access the management daemons. Required. |
| passwordencrypt | boolean Encrypt Password Enable password encryption service. |
| ignoreipsecrestart | boolean Ignore IPsec Restart Ignore IPsec restart events. When unchecked, IPsec VTI interfaces will be reset in FRR when IPsec restarts. This reset can prevent routes from becoming inactive in the routing table after interface events. |
| carpstatusvid | string CARP Status IP Used to determine the CARP status. When the CARP vhid is in BACKUP status, FRR will not be started. |
| logging | boolean (Logging) Syslog Logging If set to yes, FRR daemon Logs will be written via syslog. |
| pkgloglevel | string (Logging) Package Logging Level (0, 1) Set the log level for package scripts |
| enablesnmpagentx | boolean (Modules) Enable SNMP AgentX Enable agentx support for accessing FRR Zebra data via SNMP with the net-snmp package. |
Array of objects (FrrRow) | |
| nht | string (Next hop Tracking) Resolve via default route (none, ipv4, ipv6, both) By default, next hop tracking does not resolve next hops via the default route. Allowing this behavior can be useful, for example, so BGP can peer across the default route. |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "enable": true,
- "routerid": "string",
- "password": "string",
- "passwordencrypt": true,
- "ignoreipsecrestart": true,
- "carpstatusvid": "string",
- "logging": true,
- "pkgloglevel": "string",
- "enablesnmpagentx": true,
- "row": [
- {
- "acceptfilter": "string",
- "nullroute": "string",
- "routevalue": "string",
- "routetarget": "string"
}
], - "nht": "string",
- "carpstatusvid_options": [
- {
- "value": "string",
- "text": "string"
}
], - "routetarget_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "routerid": "string",
- "password": "string",
- "passwordencrypt": true,
- "ignoreipsecrestart": true,
- "carpstatusvid": "string",
- "logging": true,
- "pkgloglevel": "string",
- "enablesnmpagentx": true,
- "row": [
- {
- "acceptfilter": "string",
- "nullroute": "string",
- "routevalue": "string",
- "routetarget": "string"
}
], - "nht": "string",
- "carpstatusvid_options": [
- {
- "value": "string",
- "text": "string"
}
], - "routetarget_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "items": [
- {
- "peer": "string",
- "descr": "string",
- "profile": "string",
- "multihop": true,
- "shutdown": true,
- "interface": "string",
- "local_address": "string",
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "echomode": true,
- "id": "string"
}
], - "profile_options": [
- {
- "value": "string",
- "text": "string"
}
], - "interface_options": [
- {
- "value": "string",
- "text": "string"
}
], - "local_address_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| peer | string (Peer Configurations) Peer Address IP address of a peer |
| descr | string (Peer Configurations) Description |
| profile | string (Peer Configurations) Profile Select the profile for peer take configuration from. |
| multihop | boolean (Options) Multihop Expect packets with TTL less than 254 due to more than one hop between peer addresses and listen on the multihop port 4784. When using multi-hop mode echo-mode will not work, see RFC 5883 section 3. |
| shutdown | boolean (Options) Shutdown Enables or disables the peer. When the peer is disabled an "administrative down" message is sent to the remote peer. |
| interface | string (Source Address/Interface) Interface Select the interface which BFD will use as a packet source. |
| local_address | string (Source Address/Interface) Local Source Address Provide a local address to bind the BFD peer listener to for participating in a BFD session. |
| detectmultiplier | string (Advanced Options) Detect Multiplier Configures the detection multiplier to determine packet loss. The remote transmission interval will be multiplied by this value to determine the connection loss detection timer. The default value is 3. |
| receiveinterval | string (Advanced Options) Receive Interval Configures the minimum interval at which this system is capable of receiving control packets. The default value is 300 milliseconds. |
| transmitinterval | string (Advanced Options) Transmit Interval The minimum transmission interval for the system to use to send BFD control packets. |
| echointerval | string (Advanced Options) Echo Interval The minimal echo receive interval that the system is capable of handling. |
| echomode | boolean (Advanced Options) Echo Mode Enables or disables the echo transmission mode. This mode is disabled by default. FRR documentation recommendeds that the transmission interval of control packets to be increased after enabling echo-mode to reduce bandwidth usage. For example: transmission-interval 2000. Echo mode is not supported on multi-hop setups, see RFC 5883 section 3. |
| id | string (readonly) ID assigned to this entry |
{- "peer": "string",
- "descr": "string",
- "profile": "string",
- "multihop": true,
- "shutdown": true,
- "interface": "string",
- "local_address": "string",
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "echomode": true,
- "id": "string"
}{- "peer": "string",
- "descr": "string",
- "profile": "string",
- "multihop": true,
- "shutdown": true,
- "interface": "string",
- "local_address": "string",
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "echomode": true,
- "id": "string"
}| id required | string |
| peer | string (Peer Configurations) Peer Address IP address of a peer |
| descr | string (Peer Configurations) Description |
| profile | string (Peer Configurations) Profile Select the profile for peer take configuration from. |
| multihop | boolean (Options) Multihop Expect packets with TTL less than 254 due to more than one hop between peer addresses and listen on the multihop port 4784. When using multi-hop mode echo-mode will not work, see RFC 5883 section 3. |
| shutdown | boolean (Options) Shutdown Enables or disables the peer. When the peer is disabled an "administrative down" message is sent to the remote peer. |
| interface | string (Source Address/Interface) Interface Select the interface which BFD will use as a packet source. |
| local_address | string (Source Address/Interface) Local Source Address Provide a local address to bind the BFD peer listener to for participating in a BFD session. |
| detectmultiplier | string (Advanced Options) Detect Multiplier Configures the detection multiplier to determine packet loss. The remote transmission interval will be multiplied by this value to determine the connection loss detection timer. The default value is 3. |
| receiveinterval | string (Advanced Options) Receive Interval Configures the minimum interval at which this system is capable of receiving control packets. The default value is 300 milliseconds. |
| transmitinterval | string (Advanced Options) Transmit Interval The minimum transmission interval for the system to use to send BFD control packets. |
| echointerval | string (Advanced Options) Echo Interval The minimal echo receive interval that the system is capable of handling. |
| echomode | boolean (Advanced Options) Echo Mode Enables or disables the echo transmission mode. This mode is disabled by default. FRR documentation recommendeds that the transmission interval of control packets to be increased after enabling echo-mode to reduce bandwidth usage. For example: transmission-interval 2000. Echo mode is not supported on multi-hop setups, see RFC 5883 section 3. |
| id | string (readonly) ID assigned to this entry |
{- "peer": "string",
- "descr": "string",
- "profile": "string",
- "multihop": true,
- "shutdown": true,
- "interface": "string",
- "local_address": "string",
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "echomode": true,
- "id": "string"
}{- "peer": "string",
- "descr": "string",
- "profile": "string",
- "multihop": true,
- "shutdown": true,
- "interface": "string",
- "local_address": "string",
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "echomode": true,
- "id": "string"
}{- "bfdprofiles": [
- {
- "name": "string",
- "descr": "string",
- "shutdown": true,
- "passive": true,
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "minimumttl": "string",
- "echomode": true,
- "id": "string"
}
]
}| name | string (Profile Configuration) Name |
| descr | string (Profile Configuration) Description |
| shutdown | boolean (Profile Configuration) Shutdown Enables or disables the peer. When the peer is disabled an "administrative down" message is sent to the remote peer. |
| passive | boolean (Profile Configuration) Passive Mark session as passive. A passive session will not attempt to start the connection and will wait for control packets from peer before it begins replying. |
| detectmultiplier | string (Profile Options) Detect Multiplier Configures the detection multiplier to determine packet loss. The remote transmission interval will be multiplied by this value to determine the connection loss detection timer. The default value is 3. |
| receiveinterval | string (Profile Options) Receive Interval Configures the minimum interval at which this system is capable of receiving control packets. The default value is 300 milliseconds. |
| transmitinterval | string (Profile Options) Transmit Interval The minimum transmission interval for the system to use to send BFD control packets. |
| echointerval | string (Profile Options) Echo Interval The minimal echo receive interval that the system is capable of handling. |
| minimumttl | string (Profile Options) Minimum TTL For multi hop sessions only, configure the minimum expected TTL for an incoming BFD control packet. This feature serves the purpose of tightening the packet validation requirements to avoid receiving BFD control packets from other sessions. The default value is 254 (which means we only expect one hop between this system and the peer). |
| echomode | boolean (Profile Options) Echo Mode Enables or disables the echo transmission mode. This mode is disabled by default. FRR documentation recommendeds that the transmission interval of control packets to be increased after enabling echo-mode to reduce bandwidth usage. For example: transmission-interval 2000. Echo mode is not supported on multi-hop setups, see RFC 5883 section 3. |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "shutdown": true,
- "passive": true,
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "minimumttl": "string",
- "echomode": true,
- "id": "string"
}{- "name": "string",
- "descr": "string",
- "shutdown": true,
- "passive": true,
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "minimumttl": "string",
- "echomode": true,
- "id": "string"
}| id required | string |
| name | string (Profile Configuration) Name |
| descr | string (Profile Configuration) Description |
| shutdown | boolean (Profile Configuration) Shutdown Enables or disables the peer. When the peer is disabled an "administrative down" message is sent to the remote peer. |
| passive | boolean (Profile Configuration) Passive Mark session as passive. A passive session will not attempt to start the connection and will wait for control packets from peer before it begins replying. |
| detectmultiplier | string (Profile Options) Detect Multiplier Configures the detection multiplier to determine packet loss. The remote transmission interval will be multiplied by this value to determine the connection loss detection timer. The default value is 3. |
| receiveinterval | string (Profile Options) Receive Interval Configures the minimum interval at which this system is capable of receiving control packets. The default value is 300 milliseconds. |
| transmitinterval | string (Profile Options) Transmit Interval The minimum transmission interval for the system to use to send BFD control packets. |
| echointerval | string (Profile Options) Echo Interval The minimal echo receive interval that the system is capable of handling. |
| minimumttl | string (Profile Options) Minimum TTL For multi hop sessions only, configure the minimum expected TTL for an incoming BFD control packet. This feature serves the purpose of tightening the packet validation requirements to avoid receiving BFD control packets from other sessions. The default value is 254 (which means we only expect one hop between this system and the peer). |
| echomode | boolean (Profile Options) Echo Mode Enables or disables the echo transmission mode. This mode is disabled by default. FRR documentation recommendeds that the transmission interval of control packets to be increased after enabling echo-mode to reduce bandwidth usage. For example: transmission-interval 2000. Echo mode is not supported on multi-hop setups, see RFC 5883 section 3. |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "shutdown": true,
- "passive": true,
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "minimumttl": "string",
- "echomode": true,
- "id": "string"
}{- "name": "string",
- "descr": "string",
- "shutdown": true,
- "passive": true,
- "detectmultiplier": "string",
- "receiveinterval": "string",
- "transmitinterval": "string",
- "echointerval": "string",
- "minimumttl": "string",
- "echomode": true,
- "id": "string"
}{- "enable": true,
- "adjacencylog": true,
- "asnum": "string",
- "routerid": "string",
- "timers_keepalive": "string",
- "timers_holdtime": "string",
- "timers_updatedelay": "string",
- "timers_peerwait": "string",
- "nodefipv4unicast": true,
- "enablesnmpagentx": true,
- "enablerpki": true,
- "shutdown": true,
- "shutdownmessage": "string",
- "grglobaldisable": true,
- "disablepreservefwstate": true,
- "grstalepathtime": "string",
- "grrestarttimetime": "string",
- "grselectdefertime": "string",
- "grribstaletime": "string",
- "gsenable": true,
- "rpkipollingperiod": "string",
- "rpkiexpireinterval": "string",
- "rpkiretryinterval": "string",
- "redistributeconnected": "string",
- "redistributestatic": "string",
- "redistributekernel": "string",
- "redistributeospf": "string",
- "redistributeospf6": "string",
- "redistributerip": "string",
- "row": [
- {
- "distributeroutevalue": "string",
- "distributeroutemap": "string",
- "distributeroutemap_options": [
- {
- "value": "string",
- "text": "string"
}
]
}
], - "redistributeconnected_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf6_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributerip_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| enable | boolean (BGP Router Options) Enable Enable BGP Routing |
| adjacencylog | boolean (BGP Router Options) Log Adjacency Changes If set to yes, adjacency changes will be written via syslog. |
| asnum | string (BGP Router Options) Local AS Autonomous System (AS) Number for this router. May be an integer from 1-4294967295. |
| routerid | string (BGP Router Options) Router ID Specify the Router ID, if it is not the default. |
| timers_keepalive | string (BGP Router Options) Timers Keep Alive Interval (0-65535) |
| timers_holdtime | string (BGP Router Options) Hold Time Hold Time (0-65535) |
| timers_updatedelay | string (BGP Router Options) Update Delay Update Delay (0-3600, s) |
| timers_peerwait | string (BGP Router Options) Peer Wait Peer Wait (1-3600, s) |
| nodefipv4unicast | boolean (BGP Router Options) Disable Default IPv4 Unicast If checked, BGP will not assume IPv4 unicast by default. |
| enablesnmpagentx | boolean (Modules) Enable SNMP AgentX Enable agentx support for accessing FRR Zebra data via SNMP with the net-snmp package. |
| enablerpki | boolean (Modules) Enable BGP RPKI Enable BGP Resource Public Key Infrastructure. |
| shutdown | boolean (Global Neighbor Shutdown) Global Neighbor Shutdown Administratively shutdown ALL neighbors |
| shutdownmessage | string (Global Neighbor Shutdown) Message Shutdown message (optional) |
| grglobaldisable | boolean (Graceful Restart/Shutdown) Disable BGP Graceful Restart Globally disable graceful restart functionality in both restart and helper mode. |
| disablepreservefwstate | boolean (Graceful Restart/Shutdown) Preserve FW State If checked, sets F-bit indication that fib is preserved while doing Graceful Restart. |
| grstalepathtime | string (Graceful Restart/Shutdown) Timers Stale Path Time (1-4095, s) |
| grrestarttimetime | string (Graceful Restart/Shutdown) Restart Time Restart Time (1-4095, s) |
| grselectdefertime | string (Graceful Restart/Shutdown) Select Defer Time Select Defer Time (0-3600, s) |
| grribstaletime | string (Graceful Restart/Shutdown) RIB Stale Time RIB Stale Time (1-3600, s) |
| gsenable | boolean (Graceful Restart/Shutdown) Enable BGP Graceful Shutdown If checked, enable BGP graceful shutdown. |
| rpkipollingperiod | string (RPKI Timers) Timers Polling Period (1-86400, s) |
| rpkiexpireinterval | string (RPKI Timers) Expire Interval Expire Interval (600-172800, s) |
| rpkiretryinterval | string (RPKI Timers) Retry Interval Retry Interval (1-7200, s) |
| redistributeconnected | string (Network Distribution) Redistribute Local Redistribute connected networks |
| redistributestatic | string (Network Distribution) Redistribute Static Redistribute FRR static routes |
| redistributekernel | string (Network Distribution) Redistribute Kernel Redistribute Kernel routing table/pfSense static routes |
| redistributeospf | string (Network Distribution) Redistribute OSPF Redistribute OSPF routes to BGP Neighbors |
| redistributeospf6 | string (Network Distribution) Redistribute OSPFv3 Redistribute OSPFv3 routes to BGP Neighbors |
| redistributerip | string (Network Distribution) Redistribute RIP Redistribute RIP routes to BGP Neighbors |
Array of objects (FrrBgpRow) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "enable": true,
- "adjacencylog": true,
- "asnum": "string",
- "routerid": "string",
- "timers_keepalive": "string",
- "timers_holdtime": "string",
- "timers_updatedelay": "string",
- "timers_peerwait": "string",
- "nodefipv4unicast": true,
- "enablesnmpagentx": true,
- "enablerpki": true,
- "shutdown": true,
- "shutdownmessage": "string",
- "grglobaldisable": true,
- "disablepreservefwstate": true,
- "grstalepathtime": "string",
- "grrestarttimetime": "string",
- "grselectdefertime": "string",
- "grribstaletime": "string",
- "gsenable": true,
- "rpkipollingperiod": "string",
- "rpkiexpireinterval": "string",
- "rpkiretryinterval": "string",
- "redistributeconnected": "string",
- "redistributestatic": "string",
- "redistributekernel": "string",
- "redistributeospf": "string",
- "redistributeospf6": "string",
- "redistributerip": "string",
- "row": [
- {
- "distributeroutevalue": "string",
- "distributeroutemap": "string",
- "distributeroutemap_options": [
- {
- "value": "string",
- "text": "string"
}
]
}
], - "redistributeconnected_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf6_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributerip_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "adjacencylog": true,
- "asnum": "string",
- "routerid": "string",
- "timers_keepalive": "string",
- "timers_holdtime": "string",
- "timers_updatedelay": "string",
- "timers_peerwait": "string",
- "nodefipv4unicast": true,
- "enablesnmpagentx": true,
- "enablerpki": true,
- "shutdown": true,
- "shutdownmessage": "string",
- "grglobaldisable": true,
- "disablepreservefwstate": true,
- "grstalepathtime": "string",
- "grrestarttimetime": "string",
- "grselectdefertime": "string",
- "grribstaletime": "string",
- "gsenable": true,
- "rpkipollingperiod": "string",
- "rpkiexpireinterval": "string",
- "rpkiretryinterval": "string",
- "redistributeconnected": "string",
- "redistributestatic": "string",
- "redistributekernel": "string",
- "redistributeospf": "string",
- "redistributeospf6": "string",
- "redistributerip": "string",
- "row": [
- {
- "distributeroutevalue": "string",
- "distributeroutemap": "string",
- "distributeroutemap_options": [
- {
- "value": "string",
- "text": "string"
}
]
}
], - "redistributeconnected_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf6_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributerip_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "default_localpref": "string",
- "tablemap": "string",
- "timers_coalesce": "string",
- "timers_routemapdelay": "string",
- "dampening_halflife": "string",
- "dampening_reuse": "string",
- "dampening_suppress": "string",
- "dampening_suppressduration": "string",
- "fastexternalfailover": true,
- "networkimportcheck": true,
- "rejcectassetasconfedset": true,
- "routereflectorallowoutboundpolicy": true,
- "routereflectorclusterid": "string",
- "routereflectorclienttoclient": true,
- "row": [
- {
- "aggregateaddr": "string",
- "aggregateasset": "string",
- "aggregatesummaryonly": "string"
}
], - "meddeterministic": true,
- "medalwayscompare": true,
- "maxmedadmin": true,
- "maxmedadminvalue": "string",
- "maxmedstartup": "string",
- "maxmedstartupvalue": "string",
- "confedas": "string",
- "confedpeers": "string",
- "distanceadmin": "string",
- "distanceadminprefix": "string",
- "distanceadminacl": "string",
- "bgpdistanceext": "string",
- "bgpdistanceint": "string",
- "bgpdistancelocal": "string",
- "bgpbestpathasconfed": true,
- "bgpbestpathasignore": true,
- "bgpbestpathasmulti": true,
- "bgpbestpathasmultigenasset": true,
- "bgpbestpathcomparerouterid": true,
- "bgpbestpathmedconfed": true,
- "bgpbestpathmedmissing": true,
- "disableebgpconnectedroutecheck": true,
- "enforcefirstas": true,
- "disableebgprequirepolicy": true,
- "subgrouppktqueuemax": "string",
- "writequanta": "string",
- "tablemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "distanceadminacl_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| default_localpref | string (Advanced Options) Default Local Preference Configure default Local Preference value (0-4294967295, higher=more preferred) |
| tablemap | string (Advanced Options) Table Map BGP table to RIB route download filter |
| timers_coalesce | string (Advanced Timers) Coalesce Timer Subgroup Coalesce Timer (1-4294967295, ms) |
| timers_routemapdelay | string (Advanced Timers) Route Map Delay Time to wait before processing route-map changes (0-600, seconds). 0 disables the timer (No route updates happen when route-maps change) |
| dampening_halflife | string (Advanced Timers) Dampening Time Penalty Half Life (1-45) |
| dampening_reuse | string (Advanced Timers) Reuse Route When to Reuse a Route (1-20000) |
| dampening_suppress | string (Advanced Timers) Suppress Route Start Suppressing Route (1-20000) |
| dampening_suppressduration | string (Advanced Timers) Suppress Duration Max Time to Suppress (1-255) |
| fastexternalfailover | boolean (Advanced Routing Behavior) Disable Fast External Failover Do not immediately reset session if a link to a directly connected external peer goes down |
| networkimportcheck | boolean (Advanced Routing Behavior) Network Import Check Check if the BGP network route exists in IGP |
| rejcectassetasconfedset | boolean (Advanced Routing Behavior) Reject AS_SET/AS_CONFED_SET Routes Reject incoming and outgoing routes with AS_SET or AS_CONFED_SET type |
| routereflectorallowoutboundpolicy | boolean (Route Reflecting) Route Reflector Outbound Allow modifications made by outbound route-map on ibgp neighbors |
| routereflectorclusterid | string (Route Reflecting) Cluster ID Route Reflector Cluster ID (1-4294967295 or IP address) |
| routereflectorclienttoclient | boolean (Route Reflecting) Disable Client-To-Client Do not allow client-to-client route reflection |
Array of objects (FrrBgpadvancedRow) | |
| meddeterministic | boolean (Multi-Exit Discriminator) Deterministic MED Pick the best-MED path among paths advertised from the neighboring AS |
| medalwayscompare | boolean (Multi-Exit Discriminator) Always Compare MED Allow comparing MED from different neighbors |
| maxmedadmin | boolean (Multi-Exit Discriminator) Max MED Administratively applied Max MED (indefinite) |
| maxmedadminvalue | string (Multi-Exit Discriminator) Definite Max MED Definite Admin Max MED value to be used (0-4294967294) |
| maxmedstartup | string (Multi-Exit Discriminator) Startup Max MED Time Time period for Max MED on startup (5-86400) |
| maxmedstartupvalue | string (Multi-Exit Discriminator) Startup Max Med Value Max MED value to be used during startup (0-4294967294) |
| confedas | string (Confederation) AS Confederation Routing domain confederation AS (1-4294967295) |
| confedpeers | string (Confederation) Confederation Peers Peer AS list in BGP confederation (space separated) |
| distanceadmin | string (Distance) Administrative Distance Define an administrative distance (1-255) |
| distanceadminprefix | string (Distance) IP Source Prefix IP Source Prefix for Admin Distance (x.x.x.x/yy) |
| distanceadminacl | string (Distance) Admin Distance ACL Access List for Admin Distance |
| bgpdistanceext | string (Distance) BGP Distance Distance for AS external routes (1-255) |
| bgpdistanceint | string (Distance) Internal BGP Distance Distance for AS internal routes (1-255) |
| bgpdistancelocal | string (Distance) Local BGP Distance Distance for local routes (1-255) |
| bgpbestpathasconfed | boolean (Best Path Selection) Compare Path with Confederation Compare path lengths including confederation sets and sequences in selecting a route |
| bgpbestpathasignore | boolean (Best Path Selection) Ignore AS Path Ignore AS path length in selecting a route |
| bgpbestpathasmulti | boolean (Best Path Selection) Multipath Relax Allow load sharing across routes that have different AS paths (but same length) |
| bgpbestpathasmultigenasset | boolean (Best Path Selection) Generate an AS_SET Generate an AS_SET |
| bgpbestpathcomparerouterid | boolean (Best Path Selection) Compare Router ID Compare Router ID for identical EBGP paths |
| bgpbestpathmedconfed | boolean (Best Path Selection) MED Confederation Compare MED among confederation paths |
| bgpbestpathmedmissing | boolean (Best Path Selection) Missing MED Treat missing MED as the least preferred path |
| disableebgpconnectedroutecheck | boolean (eBGP) eBGP Nexthop Connected Disable checking if nexthop is connected on eBGP sessions |
| enforcefirstas | boolean (eBGP) Enforce First AS Enforce the first AS for eBGP routes |
| disableebgprequirepolicy | boolean (eBGP) Disable eBGP Require Policy Disable the requirement to apply incoming and outgoing filter to eBGP sessions |
| subgrouppktqueuemax | string (Networking Behavior) Subgroup Packet Queue Default Subgroup Packet Queue Maximum (20-100) |
| writequanta | string (Networking Behavior) Write Quanta Number of packets to write to peer socket per run (1-10000) |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "default_localpref": "string",
- "tablemap": "string",
- "timers_coalesce": "string",
- "timers_routemapdelay": "string",
- "dampening_halflife": "string",
- "dampening_reuse": "string",
- "dampening_suppress": "string",
- "dampening_suppressduration": "string",
- "fastexternalfailover": true,
- "networkimportcheck": true,
- "rejcectassetasconfedset": true,
- "routereflectorallowoutboundpolicy": true,
- "routereflectorclusterid": "string",
- "routereflectorclienttoclient": true,
- "row": [
- {
- "aggregateaddr": "string",
- "aggregateasset": "string",
- "aggregatesummaryonly": "string"
}
], - "meddeterministic": true,
- "medalwayscompare": true,
- "maxmedadmin": true,
- "maxmedadminvalue": "string",
- "maxmedstartup": "string",
- "maxmedstartupvalue": "string",
- "confedas": "string",
- "confedpeers": "string",
- "distanceadmin": "string",
- "distanceadminprefix": "string",
- "distanceadminacl": "string",
- "bgpdistanceext": "string",
- "bgpdistanceint": "string",
- "bgpdistancelocal": "string",
- "bgpbestpathasconfed": true,
- "bgpbestpathasignore": true,
- "bgpbestpathasmulti": true,
- "bgpbestpathasmultigenasset": true,
- "bgpbestpathcomparerouterid": true,
- "bgpbestpathmedconfed": true,
- "bgpbestpathmedmissing": true,
- "disableebgpconnectedroutecheck": true,
- "enforcefirstas": true,
- "disableebgprequirepolicy": true,
- "subgrouppktqueuemax": "string",
- "writequanta": "string",
- "tablemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "distanceadminacl_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "default_localpref": "string",
- "tablemap": "string",
- "timers_coalesce": "string",
- "timers_routemapdelay": "string",
- "dampening_halflife": "string",
- "dampening_reuse": "string",
- "dampening_suppress": "string",
- "dampening_suppressduration": "string",
- "fastexternalfailover": true,
- "networkimportcheck": true,
- "rejcectassetasconfedset": true,
- "routereflectorallowoutboundpolicy": true,
- "routereflectorclusterid": "string",
- "routereflectorclienttoclient": true,
- "row": [
- {
- "aggregateaddr": "string",
- "aggregateasset": "string",
- "aggregatesummaryonly": "string"
}
], - "meddeterministic": true,
- "medalwayscompare": true,
- "maxmedadmin": true,
- "maxmedadminvalue": "string",
- "maxmedstartup": "string",
- "maxmedstartupvalue": "string",
- "confedas": "string",
- "confedpeers": "string",
- "distanceadmin": "string",
- "distanceadminprefix": "string",
- "distanceadminacl": "string",
- "bgpdistanceext": "string",
- "bgpdistanceint": "string",
- "bgpdistancelocal": "string",
- "bgpbestpathasconfed": true,
- "bgpbestpathasignore": true,
- "bgpbestpathasmulti": true,
- "bgpbestpathasmultigenasset": true,
- "bgpbestpathcomparerouterid": true,
- "bgpbestpathmedconfed": true,
- "bgpbestpathmedmissing": true,
- "disableebgpconnectedroutecheck": true,
- "enforcefirstas": true,
- "disableebgprequirepolicy": true,
- "subgrouppktqueuemax": "string",
- "writequanta": "string",
- "tablemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "distanceadminacl_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| name | string Name The name of this AS Path List. |
| descr | string Description |
Array of objects (FrrBgpAspathsRow) | |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "regex": "string",
- "id": "string"
}
], - "id": "string"
}{- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "regex": "string",
- "id": "string"
}
], - "id": "string"
}| id required | string |
| name | string Name The name of this AS Path List. |
| descr | string Description |
Array of objects (FrrBgpAspathsRow) | |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "regex": "string",
- "id": "string"
}
], - "id": "string"
}{- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "regex": "string",
- "id": "string"
}
], - "id": "string"
}| name | string Name The name of this BGP Community. Use 1-99 for a standard community list (AS:VAL pairs), 100-500 for an expanded community list (Regular Expression Matching), or enter a text name combined with the selected type. |
| descr | string Description |
| listtype | string Community List Type (standard, expanded) Type of Community List to specify, which controls how the list operates. The selected type must match the Name appropriately. |
Array of objects (FrrBgpCommunitiesRow) | |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "listtype": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "community": "string",
- "id": "string"
}
], - "id": "string"
}{- "name": "string",
- "descr": "string",
- "listtype": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "community": "string",
- "id": "string"
}
], - "id": "string"
}| id required | string |
| name | string Name The name of this BGP Community. Use 1-99 for a standard community list (AS:VAL pairs), 100-500 for an expanded community list (Regular Expression Matching), or enter a text name combined with the selected type. |
| descr | string Description |
| listtype | string Community List Type (standard, expanded) Type of Community List to specify, which controls how the list operates. The selected type must match the Name appropriately. |
Array of objects (FrrBgpCommunitiesRow) | |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "listtype": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "community": "string",
- "id": "string"
}
], - "id": "string"
}{- "name": "string",
- "descr": "string",
- "listtype": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "community": "string",
- "id": "string"
}
], - "id": "string"
}{- "bgpneighbors": [
- {
- "peer": "string",
- "descr": "string",
- "peergroup": "string",
- "password": "string",
- "password_type": "string",
- "shutdown": true,
- "shutdownmessage": "string",
- "shutdownautortt": "string",
- "shutdownautokeepalive": "string",
- "asnum": "string",
- "updatesource_type": "string",
- "updatesource": "string",
- "bothaf": true,
- "defaultoriginate": "string",
- "defaultoriginateroutemap": "string",
- "sendcommunity": "string",
- "nexthopself": "string",
- "softreconfigurationinbound": true,
- "timers_keepalive": "string",
- "timers_holdtime": "string",
- "timers_connect": "string",
- "distribute_in": "string",
- "distribute_out": "string",
- "prefixfilter_in": "string",
- "prefixfilter_out": "string",
- "aspathfilter_in": "string",
- "aspathfilter_out": "string",
- "routemap_in": "string",
- "routemap_out": "string",
- "unsuppressmap": "string",
- "bfdenable": true,
- "bfd_check_control_plane_failure": true,
- "bfd_peer": "string",
- "grmode": "string",
- "weight": "string",
- "passive": true,
- "addpathtxallpaths": true,
- "addpathtxbestpathperas": true,
- "advertisementinterval": "string",
- "allowasin": "string",
- "asoverride": true,
- "attributeunchanged": true,
- "attributeunchanged_aspath": true,
- "attributeunchanged_med": true,
- "attributeunchanged_nexthop": true,
- "capability": true,
- "capability_nexthop": true,
- "capability_orf": "string",
- "dontcapabilitynegotiate": true,
- "overridecapability": true,
- "ttlsecurityhops": "string",
- "disableconnectedcheck": true,
- "ebgpmultihop": "string",
- "enforcemultihop": true,
- "localas_num": "string",
- "localas_noprepend": true,
- "localas_replaceas": true,
- "maximumprefix_num": "string",
- "maximumprefix_threshold": "string",
- "maximumprefix_warnonly": true,
- "maximumprefix_restart": "string",
- "maximumprefixout_num": "string",
- "removeprivateas": true,
- "removeprivateas_all": true,
- "removeprivateas_replace": true,
- "routeclient_reflector": true,
- "routeclient_server": true,
- "solo": true,
- "id": "string"
}
], - "peergroup_options": [
- {
- "value": "string",
- "text": "string"
}
], - "updatesource_options": [
- {
- "value": "string",
- "text": "string"
}
], - "defaultoriginateroutemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "distribute_in_options": [
- {
- "value": "string",
- "text": "string"
}
], - "distribute_out_options": [
- {
- "value": "string",
- "text": "string"
}
], - "prefixfilter_in_options": [
- {
- "value": "string",
- "text": "string"
}
], - "prefixfilter_out_options": [
- {
- "value": "string",
- "text": "string"
}
], - "aspathfilter_in_options": [
- {
- "value": "string",
- "text": "string"
}
], - "aspathfilter_out_options": [
- {
- "value": "string",
- "text": "string"
}
], - "routemap_in_options": [
- {
- "value": "string",
- "text": "string"
}
], - "routemap_out_options": [
- {
- "value": "string",
- "text": "string"
}
], - "unsuppressmap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "bfd_peer_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| peer | string Name/Address The name of a peer group, or IP address of a neighbor. Provide a text name to define a Peer Group. Enter an IP Address to define a Peer. |
| descr | string Description |
| peergroup | string Peer Group When defining a Neighbor by IP address, select a group to which it belongs, if any. |
| password | string Password Password for this BGP Neighbor |
| password_type | string Password Type (none, both, both-bidir, frr, setkey, setkey-bidir) Type of Password |
| shutdown | boolean (Shutdown) Shutdown Neighbor administrative shutdown |
| shutdownmessage | string (Shutdown) Shutdown Message Shutdown message (optional) |
| shutdownautortt | string (Shutdown) Auto-Shutdown RTT in milliseconds to automatically shutdown the peer if exceeded. |
| shutdownautokeepalive | string (Shutdown) Auto-Shutdown Keepalive Count Number of keepalive messages to count before shutting down the peer when round-trip-time exceeds the set threshold. |
| asnum | string (Basic Options) Remote AS Autonomous System (AS) Number for this neighbor. May be an integer from 1-4294967295, "external", or "internal". |
| updatesource_type | string (Basic Options) Update Source (ipv4, ipv6) IP type for BGP Updates |
| updatesource | string (Basic Options) Update Source Local source of BGP Updates |
| bothaf | boolean (Basic Options) Address Family Allow neighbor to advertise and receive routes for both IPv4 and IPv6 |
| defaultoriginate | string (Basic Options) Default Originate (no, ipv4, ipv6, yes) Originate default route to this neighbor. |
| defaultoriginateroutemap | string (Basic Options) Default Originate Route Map Choose a Route Map to restrict origination. |
| sendcommunity | string (Basic Options) Send Community (disabled, enabled, standard, extended, both) Send Community attribute to this neighbor |
| nexthopself | string (Basic Options) Next Hop Self (disabled, enabled, force) Disable the next hop calculation for this neighbor |
| softreconfigurationinbound | boolean (Basic Options) Inbound Soft Reconfiguration Per-neighbor Inbound Soft Reconfiguration |
| timers_keepalive | string (Basic Options) Timers Keep Alive Interval (0-65535) |
| timers_holdtime | string (Basic Options) Hold Time Hold Time (1-65535) |
| timers_connect | string (Basic Options) Connect Timer Connect Timer (1-65535) |
| distribute_in | string (Peer Filtering) Distribute List Filter Inbound Distribution ACL Filter |
| distribute_out | string (Peer Filtering) Distribute List Filter Outbound Distribution ACL Filter |
| prefixfilter_in | string (Peer Filtering) Prefix List Filter Inbound Prefix List Filter |
| prefixfilter_out | string (Peer Filtering) Prefix List Filter Outbound Prefix List Filter |
| aspathfilter_in | string (Peer Filtering) AS Path Filter Inbound AS Path Filter |
| aspathfilter_out | string (Peer Filtering) AS Path Filter Outbound AS Path Filter |
| routemap_in | string (Peer Filtering) Route Map Filters Inbound Route Map Filter |
| routemap_out | string (Peer Filtering) Route Map Filters Outbound Route Map Filter |
| unsuppressmap | string (Peer Filtering) Unsuppress Route Map Route Map to selectively unsuppress suppressed routes |
| bfdenable | boolean (BFD) BFD BFD Enable |
| bfd_check_control_plane_failure | boolean (BFD) BFD Check Control Plane Failure BFD Check Control Plane Failure |
| bfd_peer | string (BFD) BFD Peer Select a BFD peer to subscribe, default is to use the neighbor address |
| grmode | string (Graceful Restart) Graceful Restart Mode (default, restart, helper, disable) Neighbor graceful restart mode |
| weight | string (Advanced Options) Weight Default weight for routes from this neighbor, 0-65535 |
| passive | boolean (Advanced Options) Passive Do not send open messages to this neighbor |
| addpathtxallpaths | boolean (Advanced Options) Path Advertise All Paths to Neighbor |
| addpathtxbestpathperas | boolean (Advanced Options) Path Transmit Best Path per each neighboring AS |
| advertisementinterval | string (Advanced Options) Advertisement Interval Minimum interval, in seconds, between sending BGP routing updates. (0-600) |
| allowasin | string (Advanced Options) Allow AS Inbound (disabled, enabled, origin, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10) Accept as-path with this local router's own AS present in it. |
| asoverride | boolean (Advanced Options) AS Override Override ASNs in outbound updates if the AS Path is the same as the Remote AS |
| attributeunchanged | boolean (Advanced Options) Attribute Unchanged Propagate BGP Attribute Unchanged |
| attributeunchanged_aspath | boolean (Advanced Options) AS Path AS Path Attribute |
| attributeunchanged_med | boolean (Advanced Options) Med Med Attribute |
| attributeunchanged_nexthop | boolean (Advanced Options) Next Hop Next Hop Attribute |
| capability | boolean (Advanced Options) Advertise Capability Advertise Dynamic capability |
| capability_nexthop | boolean (Advanced Options) Advertise Capability Nexthop Advertise Extended Next-Hop capability. This is automatically enabled when peering with IPv6 link-local addresses. |
| capability_orf | string (Advanced Options) Advertise Capability (disabled, send, receive, both) Advertise Outbound Route Filter capability |
| dontcapabilitynegotiate | boolean (Advanced Options) Disable Capability Negotiation Do not perform capability negotiation with the neighbor |
| overridecapability | boolean (Advanced Options) Override Capability Negotiation Override capability negotiation result |
| ttlsecurityhops | string (Advanced Options) TTL Security Hops The maximum hop count to allow for BGP neighbors (1-254) Leave blank to disable |
| disableconnectedcheck | boolean (Advanced Options) Disable Connected Check One-hop away EBGP peer using loopback address |
| ebgpmultihop | string (Advanced Options) EBGP Multi-Hop The maximum hop count to allow for EBGP neighbors not on directly connected networks (1-255) Leave blank to disable |
| enforcemultihop | boolean (Advanced Options) Enforce EBGP Multi-Hop Enforce EBGP neighbors perform multihop |
| localas_num | string (Advanced Options) Local AS Local AS Number |
| localas_noprepend | boolean (Advanced Options) No Prepend Do not prepend Local AS to updates from EBGP peers |
| localas_replaceas | boolean (Advanced Options) Replace AS Do not prepend Local AS to updates from IBGP peers |
| maximumprefix_num | string (Advanced Options) Maximum Prefix Maximum Prefix to Accept (1-4294967295) |
| maximumprefix_threshold | string (Advanced Options) Warning Threshold % at which to warn (1-100) |
| maximumprefix_warnonly | boolean (Advanced Options) Warn Only Warn Only (No Restart) |
| maximumprefix_restart | string (Advanced Options) Restart Interval Restart BGP after X warned minutes (1-65535) |
| maximumprefixout_num | string (Advanced Options) Maximum Prefix Out Maximum Prefix to Send (1-4294967295) |
| removeprivateas | boolean (Advanced Options) Remove Private AS Remove private ASNs in outbound updates |
| removeprivateas_all | boolean (Advanced Options) Apply to All Apply to all AS Numbers |
| removeprivateas_replace | boolean (Advanced Options) Replace AS Replace Private with Local AS |
| routeclient_reflector | boolean (Advanced Options) Route Client Neighbor is Route Reflector Client |
| routeclient_server | boolean (Advanced Options) Route Client Neighbor is Route Server Client |
| solo | boolean (Advanced Options) Solo Peer Neighbor is part of its own update group |
| id | string (readonly) ID assigned to this entry |
{- "peer": "string",
- "descr": "string",
- "peergroup": "string",
- "password": "string",
- "password_type": "string",
- "shutdown": true,
- "shutdownmessage": "string",
- "shutdownautortt": "string",
- "shutdownautokeepalive": "string",
- "asnum": "string",
- "updatesource_type": "string",
- "updatesource": "string",
- "bothaf": true,
- "defaultoriginate": "string",
- "defaultoriginateroutemap": "string",
- "sendcommunity": "string",
- "nexthopself": "string",
- "softreconfigurationinbound": true,
- "timers_keepalive": "string",
- "timers_holdtime": "string",
- "timers_connect": "string",
- "distribute_in": "string",
- "distribute_out": "string",
- "prefixfilter_in": "string",
- "prefixfilter_out": "string",
- "aspathfilter_in": "string",
- "aspathfilter_out": "string",
- "routemap_in": "string",
- "routemap_out": "string",
- "unsuppressmap": "string",
- "bfdenable": true,
- "bfd_check_control_plane_failure": true,
- "bfd_peer": "string",
- "grmode": "string",
- "weight": "string",
- "passive": true,
- "addpathtxallpaths": true,
- "addpathtxbestpathperas": true,
- "advertisementinterval": "string",
- "allowasin": "string",
- "asoverride": true,
- "attributeunchanged": true,
- "attributeunchanged_aspath": true,
- "attributeunchanged_med": true,
- "attributeunchanged_nexthop": true,
- "capability": true,
- "capability_nexthop": true,
- "capability_orf": "string",
- "dontcapabilitynegotiate": true,
- "overridecapability": true,
- "ttlsecurityhops": "string",
- "disableconnectedcheck": true,
- "ebgpmultihop": "string",
- "enforcemultihop": true,
- "localas_num": "string",
- "localas_noprepend": true,
- "localas_replaceas": true,
- "maximumprefix_num": "string",
- "maximumprefix_threshold": "string",
- "maximumprefix_warnonly": true,
- "maximumprefix_restart": "string",
- "maximumprefixout_num": "string",
- "removeprivateas": true,
- "removeprivateas_all": true,
- "removeprivateas_replace": true,
- "routeclient_reflector": true,
- "routeclient_server": true,
- "solo": true,
- "id": "string"
}{- "peer": "string",
- "descr": "string",
- "peergroup": "string",
- "password": "string",
- "password_type": "string",
- "shutdown": true,
- "shutdownmessage": "string",
- "shutdownautortt": "string",
- "shutdownautokeepalive": "string",
- "asnum": "string",
- "updatesource_type": "string",
- "updatesource": "string",
- "bothaf": true,
- "defaultoriginate": "string",
- "defaultoriginateroutemap": "string",
- "sendcommunity": "string",
- "nexthopself": "string",
- "softreconfigurationinbound": true,
- "timers_keepalive": "string",
- "timers_holdtime": "string",
- "timers_connect": "string",
- "distribute_in": "string",
- "distribute_out": "string",
- "prefixfilter_in": "string",
- "prefixfilter_out": "string",
- "aspathfilter_in": "string",
- "aspathfilter_out": "string",
- "routemap_in": "string",
- "routemap_out": "string",
- "unsuppressmap": "string",
- "bfdenable": true,
- "bfd_check_control_plane_failure": true,
- "bfd_peer": "string",
- "grmode": "string",
- "weight": "string",
- "passive": true,
- "addpathtxallpaths": true,
- "addpathtxbestpathperas": true,
- "advertisementinterval": "string",
- "allowasin": "string",
- "asoverride": true,
- "attributeunchanged": true,
- "attributeunchanged_aspath": true,
- "attributeunchanged_med": true,
- "attributeunchanged_nexthop": true,
- "capability": true,
- "capability_nexthop": true,
- "capability_orf": "string",
- "dontcapabilitynegotiate": true,
- "overridecapability": true,
- "ttlsecurityhops": "string",
- "disableconnectedcheck": true,
- "ebgpmultihop": "string",
- "enforcemultihop": true,
- "localas_num": "string",
- "localas_noprepend": true,
- "localas_replaceas": true,
- "maximumprefix_num": "string",
- "maximumprefix_threshold": "string",
- "maximumprefix_warnonly": true,
- "maximumprefix_restart": "string",
- "maximumprefixout_num": "string",
- "removeprivateas": true,
- "removeprivateas_all": true,
- "removeprivateas_replace": true,
- "routeclient_reflector": true,
- "routeclient_server": true,
- "solo": true,
- "id": "string"
}| id required | string |
| peer | string Name/Address The name of a peer group, or IP address of a neighbor. Provide a text name to define a Peer Group. Enter an IP Address to define a Peer. |
| descr | string Description |
| peergroup | string Peer Group When defining a Neighbor by IP address, select a group to which it belongs, if any. |
| password | string Password Password for this BGP Neighbor |
| password_type | string Password Type (none, both, both-bidir, frr, setkey, setkey-bidir) Type of Password |
| shutdown | boolean (Shutdown) Shutdown Neighbor administrative shutdown |
| shutdownmessage | string (Shutdown) Shutdown Message Shutdown message (optional) |
| shutdownautortt | string (Shutdown) Auto-Shutdown RTT in milliseconds to automatically shutdown the peer if exceeded. |
| shutdownautokeepalive | string (Shutdown) Auto-Shutdown Keepalive Count Number of keepalive messages to count before shutting down the peer when round-trip-time exceeds the set threshold. |
| asnum | string (Basic Options) Remote AS Autonomous System (AS) Number for this neighbor. May be an integer from 1-4294967295, "external", or "internal". |
| updatesource_type | string (Basic Options) Update Source (ipv4, ipv6) IP type for BGP Updates |
| updatesource | string (Basic Options) Update Source Local source of BGP Updates |
| bothaf | boolean (Basic Options) Address Family Allow neighbor to advertise and receive routes for both IPv4 and IPv6 |
| defaultoriginate | string (Basic Options) Default Originate (no, ipv4, ipv6, yes) Originate default route to this neighbor. |
| defaultoriginateroutemap | string (Basic Options) Default Originate Route Map Choose a Route Map to restrict origination. |
| sendcommunity | string (Basic Options) Send Community (disabled, enabled, standard, extended, both) Send Community attribute to this neighbor |
| nexthopself | string (Basic Options) Next Hop Self (disabled, enabled, force) Disable the next hop calculation for this neighbor |
| softreconfigurationinbound | boolean (Basic Options) Inbound Soft Reconfiguration Per-neighbor Inbound Soft Reconfiguration |
| timers_keepalive | string (Basic Options) Timers Keep Alive Interval (0-65535) |
| timers_holdtime | string (Basic Options) Hold Time Hold Time (1-65535) |
| timers_connect | string (Basic Options) Connect Timer Connect Timer (1-65535) |
| distribute_in | string (Peer Filtering) Distribute List Filter Inbound Distribution ACL Filter |
| distribute_out | string (Peer Filtering) Distribute List Filter Outbound Distribution ACL Filter |
| prefixfilter_in | string (Peer Filtering) Prefix List Filter Inbound Prefix List Filter |
| prefixfilter_out | string (Peer Filtering) Prefix List Filter Outbound Prefix List Filter |
| aspathfilter_in | string (Peer Filtering) AS Path Filter Inbound AS Path Filter |
| aspathfilter_out | string (Peer Filtering) AS Path Filter Outbound AS Path Filter |
| routemap_in | string (Peer Filtering) Route Map Filters Inbound Route Map Filter |
| routemap_out | string (Peer Filtering) Route Map Filters Outbound Route Map Filter |
| unsuppressmap | string (Peer Filtering) Unsuppress Route Map Route Map to selectively unsuppress suppressed routes |
| bfdenable | boolean (BFD) BFD BFD Enable |
| bfd_check_control_plane_failure | boolean (BFD) BFD Check Control Plane Failure BFD Check Control Plane Failure |
| bfd_peer | string (BFD) BFD Peer Select a BFD peer to subscribe, default is to use the neighbor address |
| grmode | string (Graceful Restart) Graceful Restart Mode (default, restart, helper, disable) Neighbor graceful restart mode |
| weight | string (Advanced Options) Weight Default weight for routes from this neighbor, 0-65535 |
| passive | boolean (Advanced Options) Passive Do not send open messages to this neighbor |
| addpathtxallpaths | boolean (Advanced Options) Path Advertise All Paths to Neighbor |
| addpathtxbestpathperas | boolean (Advanced Options) Path Transmit Best Path per each neighboring AS |
| advertisementinterval | string (Advanced Options) Advertisement Interval Minimum interval, in seconds, between sending BGP routing updates. (0-600) |
| allowasin | string (Advanced Options) Allow AS Inbound (disabled, enabled, origin, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10) Accept as-path with this local router's own AS present in it. |
| asoverride | boolean (Advanced Options) AS Override Override ASNs in outbound updates if the AS Path is the same as the Remote AS |
| attributeunchanged | boolean (Advanced Options) Attribute Unchanged Propagate BGP Attribute Unchanged |
| attributeunchanged_aspath | boolean (Advanced Options) AS Path AS Path Attribute |
| attributeunchanged_med | boolean (Advanced Options) Med Med Attribute |
| attributeunchanged_nexthop | boolean (Advanced Options) Next Hop Next Hop Attribute |
| capability | boolean (Advanced Options) Advertise Capability Advertise Dynamic capability |
| capability_nexthop | boolean (Advanced Options) Advertise Capability Nexthop Advertise Extended Next-Hop capability. This is automatically enabled when peering with IPv6 link-local addresses. |
| capability_orf | string (Advanced Options) Advertise Capability (disabled, send, receive, both) Advertise Outbound Route Filter capability |
| dontcapabilitynegotiate | boolean (Advanced Options) Disable Capability Negotiation Do not perform capability negotiation with the neighbor |
| overridecapability | boolean (Advanced Options) Override Capability Negotiation Override capability negotiation result |
| ttlsecurityhops | string (Advanced Options) TTL Security Hops The maximum hop count to allow for BGP neighbors (1-254) Leave blank to disable |
| disableconnectedcheck | boolean (Advanced Options) Disable Connected Check One-hop away EBGP peer using loopback address |
| ebgpmultihop | string (Advanced Options) EBGP Multi-Hop The maximum hop count to allow for EBGP neighbors not on directly connected networks (1-255) Leave blank to disable |
| enforcemultihop | boolean (Advanced Options) Enforce EBGP Multi-Hop Enforce EBGP neighbors perform multihop |
| localas_num | string (Advanced Options) Local AS Local AS Number |
| localas_noprepend | boolean (Advanced Options) No Prepend Do not prepend Local AS to updates from EBGP peers |
| localas_replaceas | boolean (Advanced Options) Replace AS Do not prepend Local AS to updates from IBGP peers |
| maximumprefix_num | string (Advanced Options) Maximum Prefix Maximum Prefix to Accept (1-4294967295) |
| maximumprefix_threshold | string (Advanced Options) Warning Threshold % at which to warn (1-100) |
| maximumprefix_warnonly | boolean (Advanced Options) Warn Only Warn Only (No Restart) |
| maximumprefix_restart | string (Advanced Options) Restart Interval Restart BGP after X warned minutes (1-65535) |
| maximumprefixout_num | string (Advanced Options) Maximum Prefix Out Maximum Prefix to Send (1-4294967295) |
| removeprivateas | boolean (Advanced Options) Remove Private AS Remove private ASNs in outbound updates |
| removeprivateas_all | boolean (Advanced Options) Apply to All Apply to all AS Numbers |
| removeprivateas_replace | boolean (Advanced Options) Replace AS Replace Private with Local AS |
| routeclient_reflector | boolean (Advanced Options) Route Client Neighbor is Route Reflector Client |
| routeclient_server | boolean (Advanced Options) Route Client Neighbor is Route Server Client |
| solo | boolean (Advanced Options) Solo Peer Neighbor is part of its own update group |
| id | string (readonly) ID assigned to this entry |
{- "peer": "string",
- "descr": "string",
- "peergroup": "string",
- "password": "string",
- "password_type": "string",
- "shutdown": true,
- "shutdownmessage": "string",
- "shutdownautortt": "string",
- "shutdownautokeepalive": "string",
- "asnum": "string",
- "updatesource_type": "string",
- "updatesource": "string",
- "bothaf": true,
- "defaultoriginate": "string",
- "defaultoriginateroutemap": "string",
- "sendcommunity": "string",
- "nexthopself": "string",
- "softreconfigurationinbound": true,
- "timers_keepalive": "string",
- "timers_holdtime": "string",
- "timers_connect": "string",
- "distribute_in": "string",
- "distribute_out": "string",
- "prefixfilter_in": "string",
- "prefixfilter_out": "string",
- "aspathfilter_in": "string",
- "aspathfilter_out": "string",
- "routemap_in": "string",
- "routemap_out": "string",
- "unsuppressmap": "string",
- "bfdenable": true,
- "bfd_check_control_plane_failure": true,
- "bfd_peer": "string",
- "grmode": "string",
- "weight": "string",
- "passive": true,
- "addpathtxallpaths": true,
- "addpathtxbestpathperas": true,
- "advertisementinterval": "string",
- "allowasin": "string",
- "asoverride": true,
- "attributeunchanged": true,
- "attributeunchanged_aspath": true,
- "attributeunchanged_med": true,
- "attributeunchanged_nexthop": true,
- "capability": true,
- "capability_nexthop": true,
- "capability_orf": "string",
- "dontcapabilitynegotiate": true,
- "overridecapability": true,
- "ttlsecurityhops": "string",
- "disableconnectedcheck": true,
- "ebgpmultihop": "string",
- "enforcemultihop": true,
- "localas_num": "string",
- "localas_noprepend": true,
- "localas_replaceas": true,
- "maximumprefix_num": "string",
- "maximumprefix_threshold": "string",
- "maximumprefix_warnonly": true,
- "maximumprefix_restart": "string",
- "maximumprefixout_num": "string",
- "removeprivateas": true,
- "removeprivateas_all": true,
- "removeprivateas_replace": true,
- "routeclient_reflector": true,
- "routeclient_server": true,
- "solo": true,
- "id": "string"
}{- "peer": "string",
- "descr": "string",
- "peergroup": "string",
- "password": "string",
- "password_type": "string",
- "shutdown": true,
- "shutdownmessage": "string",
- "shutdownautortt": "string",
- "shutdownautokeepalive": "string",
- "asnum": "string",
- "updatesource_type": "string",
- "updatesource": "string",
- "bothaf": true,
- "defaultoriginate": "string",
- "defaultoriginateroutemap": "string",
- "sendcommunity": "string",
- "nexthopself": "string",
- "softreconfigurationinbound": true,
- "timers_keepalive": "string",
- "timers_holdtime": "string",
- "timers_connect": "string",
- "distribute_in": "string",
- "distribute_out": "string",
- "prefixfilter_in": "string",
- "prefixfilter_out": "string",
- "aspathfilter_in": "string",
- "aspathfilter_out": "string",
- "routemap_in": "string",
- "routemap_out": "string",
- "unsuppressmap": "string",
- "bfdenable": true,
- "bfd_check_control_plane_failure": true,
- "bfd_peer": "string",
- "grmode": "string",
- "weight": "string",
- "passive": true,
- "addpathtxallpaths": true,
- "addpathtxbestpathperas": true,
- "advertisementinterval": "string",
- "allowasin": "string",
- "asoverride": true,
- "attributeunchanged": true,
- "attributeunchanged_aspath": true,
- "attributeunchanged_med": true,
- "attributeunchanged_nexthop": true,
- "capability": true,
- "capability_nexthop": true,
- "capability_orf": "string",
- "dontcapabilitynegotiate": true,
- "overridecapability": true,
- "ttlsecurityhops": "string",
- "disableconnectedcheck": true,
- "ebgpmultihop": "string",
- "enforcemultihop": true,
- "localas_num": "string",
- "localas_noprepend": true,
- "localas_replaceas": true,
- "maximumprefix_num": "string",
- "maximumprefix_threshold": "string",
- "maximumprefix_warnonly": true,
- "maximumprefix_restart": "string",
- "maximumprefixout_num": "string",
- "removeprivateas": true,
- "removeprivateas_all": true,
- "removeprivateas_replace": true,
- "routeclient_reflector": true,
- "routeclient_server": true,
- "solo": true,
- "id": "string"
}| cacheserver | string Address Address of the cache server |
| port | string Port Port number to connect to the cache server |
| preference | string Preference Cache server preference |
| username | string Username SSH username to establish an SSH connection to the cache server |
| privkeypath | string Private Key Path Local path that includes the private key file of the router |
| pubkeypath | string Public Key Path Local path that includes the public key file of the router |
| id | string (readonly) ID assigned to this entry |
{- "cacheserver": "string",
- "port": "string",
- "preference": "string",
- "username": "string",
- "privkeypath": "string",
- "pubkeypath": "string",
- "id": "string"
}{- "cacheserver": "string",
- "port": "string",
- "preference": "string",
- "username": "string",
- "privkeypath": "string",
- "pubkeypath": "string",
- "id": "string"
}| id required | string |
| cacheserver | string Address Address of the cache server |
| port | string Port Port number to connect to the cache server |
| preference | string Preference Cache server preference |
| username | string Username SSH username to establish an SSH connection to the cache server |
| privkeypath | string Private Key Path Local path that includes the private key file of the router |
| pubkeypath | string Public Key Path Local path that includes the public key file of the router |
| id | string (readonly) ID assigned to this entry |
{- "cacheserver": "string",
- "port": "string",
- "preference": "string",
- "username": "string",
- "privkeypath": "string",
- "pubkeypath": "string",
- "id": "string"
}{- "cacheserver": "string",
- "port": "string",
- "preference": "string",
- "username": "string",
- "privkeypath": "string",
- "pubkeypath": "string",
- "id": "string"
}{- "globalacls": [
- {
- "type": "string",
- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "sourceany": "string",
- "destination": "string",
- "destinationany": "string",
- "exactmatch": "string",
- "id": "string"
}
], - "id": "string"
}
]
}| type | string Type (standard, extended, zebra) Access list type. |
| iptype | string IP Type (IPv4, IPv6) Access list IP version. |
| name | string Name The name of this Access List entry.
|
| descr | string Description |
Array of objects (FrrGlobalAclsRow) | |
| id | string (readonly) ID |
{- "type": "string",
- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "sourceany": "string",
- "destination": "string",
- "destinationany": "string",
- "exactmatch": "string",
- "id": "string"
}
], - "id": "string"
}{- "type": "string",
- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "sourceany": "string",
- "destination": "string",
- "destinationany": "string",
- "exactmatch": "string",
- "id": "string"
}
], - "id": "string"
}| id required | string |
| type | string Type (standard, extended, zebra) Access list type. |
| iptype | string IP Type (IPv4, IPv6) Access list IP version. |
| name | string Name The name of this Access List entry.
|
| descr | string Description |
Array of objects (FrrGlobalAclsRow) | |
| id | string (readonly) ID |
{- "type": "string",
- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "sourceany": "string",
- "destination": "string",
- "destinationany": "string",
- "exactmatch": "string",
- "id": "string"
}
], - "id": "string"
}{- "type": "string",
- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "sourceany": "string",
- "destination": "string",
- "destinationany": "string",
- "exactmatch": "string",
- "id": "string"
}
], - "id": "string"
}{- "globalprefixes": [
- {
- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "any": "string",
- "ge": "string",
- "le": "string",
- "id": "string"
}
], - "id": "string"
}
]
}| iptype | string IP Type (IPv4, IPv6) Prefix list IP version. |
| name | string Name A text name for this Prefix List entry. |
| descr | string Description |
Array of objects (FrrGlobalPrefixRow) | |
| id | string (readonly) ID |
{- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "any": "string",
- "ge": "string",
- "le": "string",
- "id": "string"
}
], - "id": "string"
}{- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "any": "string",
- "ge": "string",
- "le": "string",
- "id": "string"
}
], - "id": "string"
}| id required | string |
| iptype | string IP Type (IPv4, IPv6) Prefix list IP version. |
| name | string Name A text name for this Prefix List entry. |
| descr | string Description |
Array of objects (FrrGlobalPrefixRow) | |
| id | string (readonly) ID |
{- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "any": "string",
- "ge": "string",
- "le": "string",
- "id": "string"
}
], - "id": "string"
}{- "iptype": "string",
- "name": "string",
- "descr": "string",
- "row": [
- {
- "seq": "string",
- "action": "string",
- "source": "string",
- "any": "string",
- "ge": "string",
- "le": "string",
- "id": "string"
}
], - "id": "string"
}Array of objects (FrrGlobalTcpMd5Peer) | |
| frr | string (RAW Configuration Files) SAVED frr.conf Note: If a configuration is placed in this box and saved, the GUI settings (in all other tabs) will be overridden with the contents of this box. To get back the GUI configuration save this form below once with empty input fields. |
| frrrunning | string (RAW Configuration Files) RUNNING frr.conf Note: This is the CURRENT RUNNING CONFIG from "/var/etc/frr/frr.conf". |
{- "tcp_md5_peers": [
- {
- "tcpsigsrc": "string",
- "tcpsigdst": "string",
- "tcpsigpw": "string",
- "tcpsigbidir": "string"
}
], - "frr": "string",
- "frrrunning": "string"
}{- "tcp_md5_peers": [
- {
- "tcpsigsrc": "string",
- "tcpsigdst": "string",
- "tcpsigpw": "string",
- "tcpsigbidir": "string"
}
], - "frr": "string",
- "frrrunning": "string"
}{- "globalroutemaps": [
- {
- "name": "string",
- "descr": "string",
- "action": "string",
- "seq": "string",
- "call": "string",
- "exitaction": "string",
- "acl_match": "string",
- "prefix_match": "string",
- "nexthop_action": "string",
- "nexthop_peer": "string",
- "nexthop_acl": "string",
- "nexthop_pl": "string",
- "metric_action": "string",
- "metric_value": "string",
- "weight": "string",
- "localpref_action": "string",
- "localpref_value": "string",
- "aspath_action": "string",
- "aspath_match": "string",
- "aspath_value": "string",
- "community_action": "string",
- "community_match": "string",
- "community_set": "string",
- "community_additive": true,
- "origin_action": "string",
- "origin_value": "string",
- "source_proto": "string",
- "tag_action": "string",
- "tag_value": "string",
- "rpki_state": "string",
- "id": "string"
}
], - "call_options": [
- {
- "value": "string",
- "text": "string"
}
], - "exitaction_options": [
- {
- "value": "string",
- "text": "string"
}
], - "acl_match_options": [
- {
- "value": "string",
- "text": "string"
}
], - "prefix_match_options": [
- {
- "value": "string",
- "text": "string"
}
], - "nexthop_peer_options": [
- {
- "value": "string",
- "text": "string"
}
], - "nexthop_acl_options": [
- {
- "value": "string",
- "text": "string"
}
], - "nexthop_pl_options": [
- {
- "value": "string",
- "text": "string"
}
], - "aspath_match_options": [
- {
- "value": "string",
- "text": "string"
}
], - "community_match_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| name | string Name The name of this Route Map entry. |
| descr | string Description |
| action | string Action (deny, permit) Permit or deny access |
| seq | string Sequence |
| call | string (Logic Control) Call Route Map Used to stop processing and call another route-map, then return. |
| exitaction | string (Logic Control) Exit Action Used to control what happens after processing this route-map. |
| acl_match | string (Access Lists) Match ACL Match a specific access list. |
| prefix_match | string (Prefix Lists) Match Prefix List Match a specific Prefix List. |
| nexthop_action | string (Next Hop) Next Hop Action (none, match-peer, match-acl, match-pl, set) Set or Match |
| nexthop_peer | string (Next Hop) Peer The peer to match or set |
| nexthop_acl | string (Next Hop) ACL The ACL to match |
| nexthop_pl | string (Next Hop) Prefix List The Prefix List to match |
| metric_action | string (Metric) Metric Action (none, match, set, settype1, settype2) Set or Match Metric |
| metric_value | string (Metric) Metric Value The metric value to match or apply. When setting a metric, the value may also be +rtt, -rtt, + or - value offset, or a specific metric. |
| weight | string (Weight) Weight A specific weight to set. Leave blank for default. |
| localpref_action | string (Local Preference) Local Pref Action (none, match, set) Set or Match Local Preference |
| localpref_value | string (Local Preference) Local Preference The Local Preference value to match or apply. |
| aspath_action | string (BGP AS Paths) AS Path Action (none, match, setexclude, setprepend, setprependlast) Set or Match |
| aspath_match | string (BGP AS Paths) Match AS Path The AS Path list to match, when Match AS Path is the Action. |
| aspath_value | string (BGP AS Paths) Set AS List |
| community_action | string (BGP Communities) Community Action (none, match, matchexact, set) Set or Match |
| community_match | string (BGP Communities) Match Community The existing community list to match. |
| community_set | string (BGP Communities) Set Community When setting a community, this is a space-separated list of communities in AS:VAL format, or a well-known community: internet, no-export, no-advertise, or local-as. |
| community_additive | boolean (BGP Communities) Additive Indicates that when setting a community, it will be appended to any existing communities rather than replacing them. |
| origin_action | string (Origin) Origin Action (none, match, set) Set or Match |
| origin_value | string (Origin) Origin Name (none, egp, igp, incomplete) Origin value to match or set |
| source_proto | string (Source Protocol) Match Source Protocol (none, bgp, ospf, ospf6, connected, kernel, static, system, rip, ripng, isis) Source Protocol to match or set |
| tag_action | string (Tags) Tag Action (none, match, set) Set or Match Tag Value |
| tag_value | string (Tags) Tag Value The tag number to set or match, an integer 1-4294967295. |
| rpki_state | string (RPKI) Validate BGP Updates (none, notfound, invalid, valid) Match RKPI State |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "action": "string",
- "seq": "string",
- "call": "string",
- "exitaction": "string",
- "acl_match": "string",
- "prefix_match": "string",
- "nexthop_action": "string",
- "nexthop_peer": "string",
- "nexthop_acl": "string",
- "nexthop_pl": "string",
- "metric_action": "string",
- "metric_value": "string",
- "weight": "string",
- "localpref_action": "string",
- "localpref_value": "string",
- "aspath_action": "string",
- "aspath_match": "string",
- "aspath_value": "string",
- "community_action": "string",
- "community_match": "string",
- "community_set": "string",
- "community_additive": true,
- "origin_action": "string",
- "origin_value": "string",
- "source_proto": "string",
- "tag_action": "string",
- "tag_value": "string",
- "rpki_state": "string",
- "id": "string"
}{- "name": "string",
- "descr": "string",
- "action": "string",
- "seq": "string",
- "call": "string",
- "exitaction": "string",
- "acl_match": "string",
- "prefix_match": "string",
- "nexthop_action": "string",
- "nexthop_peer": "string",
- "nexthop_acl": "string",
- "nexthop_pl": "string",
- "metric_action": "string",
- "metric_value": "string",
- "weight": "string",
- "localpref_action": "string",
- "localpref_value": "string",
- "aspath_action": "string",
- "aspath_match": "string",
- "aspath_value": "string",
- "community_action": "string",
- "community_match": "string",
- "community_set": "string",
- "community_additive": true,
- "origin_action": "string",
- "origin_value": "string",
- "source_proto": "string",
- "tag_action": "string",
- "tag_value": "string",
- "rpki_state": "string",
- "id": "string"
}| id required | string |
| name | string Name The name of this Route Map entry. |
| descr | string Description |
| action | string Action (deny, permit) Permit or deny access |
| seq | string Sequence |
| call | string (Logic Control) Call Route Map Used to stop processing and call another route-map, then return. |
| exitaction | string (Logic Control) Exit Action Used to control what happens after processing this route-map. |
| acl_match | string (Access Lists) Match ACL Match a specific access list. |
| prefix_match | string (Prefix Lists) Match Prefix List Match a specific Prefix List. |
| nexthop_action | string (Next Hop) Next Hop Action (none, match-peer, match-acl, match-pl, set) Set or Match |
| nexthop_peer | string (Next Hop) Peer The peer to match or set |
| nexthop_acl | string (Next Hop) ACL The ACL to match |
| nexthop_pl | string (Next Hop) Prefix List The Prefix List to match |
| metric_action | string (Metric) Metric Action (none, match, set, settype1, settype2) Set or Match Metric |
| metric_value | string (Metric) Metric Value The metric value to match or apply. When setting a metric, the value may also be +rtt, -rtt, + or - value offset, or a specific metric. |
| weight | string (Weight) Weight A specific weight to set. Leave blank for default. |
| localpref_action | string (Local Preference) Local Pref Action (none, match, set) Set or Match Local Preference |
| localpref_value | string (Local Preference) Local Preference The Local Preference value to match or apply. |
| aspath_action | string (BGP AS Paths) AS Path Action (none, match, setexclude, setprepend, setprependlast) Set or Match |
| aspath_match | string (BGP AS Paths) Match AS Path The AS Path list to match, when Match AS Path is the Action. |
| aspath_value | string (BGP AS Paths) Set AS List |
| community_action | string (BGP Communities) Community Action (none, match, matchexact, set) Set or Match |
| community_match | string (BGP Communities) Match Community The existing community list to match. |
| community_set | string (BGP Communities) Set Community When setting a community, this is a space-separated list of communities in AS:VAL format, or a well-known community: internet, no-export, no-advertise, or local-as. |
| community_additive | boolean (BGP Communities) Additive Indicates that when setting a community, it will be appended to any existing communities rather than replacing them. |
| origin_action | string (Origin) Origin Action (none, match, set) Set or Match |
| origin_value | string (Origin) Origin Name (none, egp, igp, incomplete) Origin value to match or set |
| source_proto | string (Source Protocol) Match Source Protocol (none, bgp, ospf, ospf6, connected, kernel, static, system, rip, ripng, isis) Source Protocol to match or set |
| tag_action | string (Tags) Tag Action (none, match, set) Set or Match Tag Value |
| tag_value | string (Tags) Tag Value The tag number to set or match, an integer 1-4294967295. |
| rpki_state | string (RPKI) Validate BGP Updates (none, notfound, invalid, valid) Match RKPI State |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "action": "string",
- "seq": "string",
- "call": "string",
- "exitaction": "string",
- "acl_match": "string",
- "prefix_match": "string",
- "nexthop_action": "string",
- "nexthop_peer": "string",
- "nexthop_acl": "string",
- "nexthop_pl": "string",
- "metric_action": "string",
- "metric_value": "string",
- "weight": "string",
- "localpref_action": "string",
- "localpref_value": "string",
- "aspath_action": "string",
- "aspath_match": "string",
- "aspath_value": "string",
- "community_action": "string",
- "community_match": "string",
- "community_set": "string",
- "community_additive": true,
- "origin_action": "string",
- "origin_value": "string",
- "source_proto": "string",
- "tag_action": "string",
- "tag_value": "string",
- "rpki_state": "string",
- "id": "string"
}{- "name": "string",
- "descr": "string",
- "action": "string",
- "seq": "string",
- "call": "string",
- "exitaction": "string",
- "acl_match": "string",
- "prefix_match": "string",
- "nexthop_action": "string",
- "nexthop_peer": "string",
- "nexthop_acl": "string",
- "nexthop_pl": "string",
- "metric_action": "string",
- "metric_value": "string",
- "weight": "string",
- "localpref_action": "string",
- "localpref_value": "string",
- "aspath_action": "string",
- "aspath_match": "string",
- "aspath_value": "string",
- "community_action": "string",
- "community_match": "string",
- "community_set": "string",
- "community_additive": true,
- "origin_action": "string",
- "origin_value": "string",
- "source_proto": "string",
- "tag_action": "string",
- "tag_value": "string",
- "rpki_state": "string",
- "id": "string"
}{- "enable": true,
- "adjacencylog": true,
- "routerid": "string",
- "updatefib": "string",
- "spfholdtime": "string",
- "spfdelay": "string",
- "enablesnmpagentx": true,
- "defaultarea": "string",
- "defaultareatype": "string",
- "row": [
- {
- "routevalue": "string",
- "routearea": "string",
- "routecost": "string"
}
], - "redistributeconnectedsubnets": true,
- "redistributeconnectedsubnets_routemap": "string",
- "redistributekernel": true,
- "redistributekernel_routemap": "string",
- "redistributebgp": true,
- "redistributebgp_routemap": "string",
- "redistributestatic": true,
- "redistributestatic_routemap": "string",
- "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "referencebandwidth": "string",
- "distance": "string",
- "distance_external": "string",
- "distance_interarea": "string",
- "distance_intraarea": "string",
- "redistributeconnectedsubnets_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "exportlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "importlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_out_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_in_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| enable | boolean Enable Enable OSPF6 Routing |
| adjacencylog | boolean Log Adjacency Changes If set to yes, adjacency changes will be written via syslog. |
| routerid | string Router ID Override the default Router ID. RID is the highest logical (loopback) IP address configured on a router. For more information on router identifiers see http://en.wikipedia.org/wiki/Open_Shortest_Path_First |
| updatefib | string Disable FIB updates (Routing table) (none, stub) Disables the updating of the host routing table (turns into stub router). |
| spfholdtime | string SPF Hold Time Set the SPF holdtime in milliseconds. The minimum time between two consecutive shortest path first calculations. The default value is 5 seconds; the valid range is 1-5 seconds. |
| spfdelay | string SPF Delay Set SPF delay in milliseconds. The delay between receiving an update to the link state database and starting the shortest path first calculation. The default value is 1; valid range is 1-10 seconds. |
| enablesnmpagentx | boolean (Modules) Enable SNMP AgentX Enable agentx support for accessing FRR OSPF6 data via SNMP with the net-snmp package. |
| defaultarea | string (Default Area) Default Area Default OSPF6 area for this instance of OSPF6. Used when an area is required but not defined elsewhere. For more information on Areas see http://en.wikipedia.org/wiki/Open_Shortest_Path_First#Area_types |
| defaultareatype | string (Default Area) Default Area Type (none, stub, nosum) Defines how the default area behaves |
Array of objects (FrrOspf6dRow) | |
| redistributeconnectedsubnets | boolean (Route Redistribution) Connected Networks Redistribute Connected Networks |
| redistributeconnectedsubnets_routemap | string (Route Redistribution) Route Map |
| redistributekernel | boolean (Route Redistribution) pfSense Kernel Routes Redistribute pfSense Kernel |
| redistributekernel_routemap | string (Route Redistribution) Route Map |
| redistributebgp | boolean (Route Redistribution) BGP Routes Redistribute BGP |
| redistributebgp_routemap | string (Route Redistribution) Route Map |
| redistributestatic | boolean (Route Redistribution) FRR Static Routes Redistribute FRR Static |
| redistributestatic_routemap | string (Route Redistribution) Route Map |
| exportlist | string (Route Filtering) Export List Uses this access list to filter route information transmitted to OSPF peers |
| importlist | string (Route Filtering) Import List Uses this access list to filter route information received from OSPF peers |
| filterlist_out | string (Route Filtering) Filter List (Out) Uses a prefix list to filter route information transmitted to OSPF peers |
| filterlist_in | string (Route Filtering) Filter List (In) Uses a prefix list to filter route information received from OSPF peers |
| referencebandwidth | string (Advanced) Reference Bandwidth Base value, in Mbit/s, used to calculate automatic interface costs. Must be set the same on all OSPF routers (1-4294967, default 100). |
| distance | string (Advanced) Distance Administrative distance (1-255). |
| distance_external | string (Advanced) External Distance External route distance (1-255). |
| distance_interarea | string (Advanced) Inter-area Distance Inter-area route distance (1-255). |
| distance_intraarea | string (Advanced) Intra-area Distance Intra-area route distance (1-255). |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "enable": true,
- "adjacencylog": true,
- "routerid": "string",
- "updatefib": "string",
- "spfholdtime": "string",
- "spfdelay": "string",
- "enablesnmpagentx": true,
- "defaultarea": "string",
- "defaultareatype": "string",
- "row": [
- {
- "routevalue": "string",
- "routearea": "string",
- "routecost": "string"
}
], - "redistributeconnectedsubnets": true,
- "redistributeconnectedsubnets_routemap": "string",
- "redistributekernel": true,
- "redistributekernel_routemap": "string",
- "redistributebgp": true,
- "redistributebgp_routemap": "string",
- "redistributestatic": true,
- "redistributestatic_routemap": "string",
- "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "referencebandwidth": "string",
- "distance": "string",
- "distance_external": "string",
- "distance_interarea": "string",
- "distance_intraarea": "string",
- "redistributeconnectedsubnets_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "exportlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "importlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_out_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_in_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "adjacencylog": true,
- "routerid": "string",
- "updatefib": "string",
- "spfholdtime": "string",
- "spfdelay": "string",
- "enablesnmpagentx": true,
- "defaultarea": "string",
- "defaultareatype": "string",
- "row": [
- {
- "routevalue": "string",
- "routearea": "string",
- "routecost": "string"
}
], - "redistributeconnectedsubnets": true,
- "redistributeconnectedsubnets_routemap": "string",
- "redistributekernel": true,
- "redistributekernel_routemap": "string",
- "redistributebgp": true,
- "redistributebgp_routemap": "string",
- "redistributestatic": true,
- "redistributestatic_routemap": "string",
- "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "referencebandwidth": "string",
- "distance": "string",
- "distance_external": "string",
- "distance_interarea": "string",
- "distance_intraarea": "string",
- "redistributeconnectedsubnets_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "exportlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "importlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_out_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_in_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "ospf6dinterfaces": [
- {
- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "interfacearea": "string",
- "instanceid": "string",
- "metric": "string",
- "routerpriorityelections": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "retransmitinterval": "string",
- "bfdenable": true,
- "id": "string"
}
], - "interface_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| interface | string (Interface Options) Interface Enter the desired participating interface here. If this interface has a gateway, rules on this interface will have "reply-to"
by default. This will interfere with the operation of OSPFv3 on the interface. Add
a rule at the top of the ruleset for this interface to pass IPv6 OSPF traffic with
Disable reply-to checked in |
| descr | string (Interface Options) Description |
| networktype | string (Interface Options) Network Type (, broadcast, point-to-point) Select OSPF6 Network Type of the interface. |
| passive | boolean (Interface Options) Interface is Passive Prevent transmission and reception of OSPF6 packets on this interface. The specified interface will be announced as a stub network. |
| mtuignore | boolean (Interface Options) Ignore MTU Ignore MTU values for OSPF6 peers on this interface. Allows OSPF6 to form full adjacencies even when there is an MTU mismatch. |
| interfacearea | string (OSPF6 Interface Handling) Area The area for this interface (leave blank for default). |
| instanceid | string (OSPF6 Interface Handling) Instance ID Instance ID for this OSPF6 interface (leave blank for default). |
| metric | string (OSPF6 Interface Handling) Metric Metric (cost) for this OSPF6 interface (leave blank for default). |
| routerpriorityelections | string (Advanced) Router Priority Router priority when participating in elections for DR (Default 1) Valid range is 0-255. 0 will cause the router to not participate in election. |
| hellointervalinseconds | string (Advanced) Hello Interval Hello Interval this OSPF6 interface in seconds (Default 10). |
| deadtimer | string (Advanced) Dead Timer Dead Timer for this OSPF6 interface in seconds (Default 40). |
| retransmitinterval | string (Advanced) Retransmit Interval Retransmit Interval this OSPF6 interface in seconds (Default 5). |
| bfdenable | boolean (BFD) BFD Enable Listen for BFD events on peers created on the interface. When OSPF6 finds a new neighbor, it creates a BFD peer to monitor the link status for fast convergence. |
| id | string (readonly) ID assigned to this entry |
{- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "interfacearea": "string",
- "instanceid": "string",
- "metric": "string",
- "routerpriorityelections": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "retransmitinterval": "string",
- "bfdenable": true,
- "id": "string"
}{- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "interfacearea": "string",
- "instanceid": "string",
- "metric": "string",
- "routerpriorityelections": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "retransmitinterval": "string",
- "bfdenable": true,
- "id": "string"
}| id required | string |
| interface | string (Interface Options) Interface Enter the desired participating interface here. If this interface has a gateway, rules on this interface will have "reply-to"
by default. This will interfere with the operation of OSPFv3 on the interface. Add
a rule at the top of the ruleset for this interface to pass IPv6 OSPF traffic with
Disable reply-to checked in |
| descr | string (Interface Options) Description |
| networktype | string (Interface Options) Network Type (, broadcast, point-to-point) Select OSPF6 Network Type of the interface. |
| passive | boolean (Interface Options) Interface is Passive Prevent transmission and reception of OSPF6 packets on this interface. The specified interface will be announced as a stub network. |
| mtuignore | boolean (Interface Options) Ignore MTU Ignore MTU values for OSPF6 peers on this interface. Allows OSPF6 to form full adjacencies even when there is an MTU mismatch. |
| interfacearea | string (OSPF6 Interface Handling) Area The area for this interface (leave blank for default). |
| instanceid | string (OSPF6 Interface Handling) Instance ID Instance ID for this OSPF6 interface (leave blank for default). |
| metric | string (OSPF6 Interface Handling) Metric Metric (cost) for this OSPF6 interface (leave blank for default). |
| routerpriorityelections | string (Advanced) Router Priority Router priority when participating in elections for DR (Default 1) Valid range is 0-255. 0 will cause the router to not participate in election. |
| hellointervalinseconds | string (Advanced) Hello Interval Hello Interval this OSPF6 interface in seconds (Default 10). |
| deadtimer | string (Advanced) Dead Timer Dead Timer for this OSPF6 interface in seconds (Default 40). |
| retransmitinterval | string (Advanced) Retransmit Interval Retransmit Interval this OSPF6 interface in seconds (Default 5). |
| bfdenable | boolean (BFD) BFD Enable Listen for BFD events on peers created on the interface. When OSPF6 finds a new neighbor, it creates a BFD peer to monitor the link status for fast convergence. |
| id | string (readonly) ID assigned to this entry |
{- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "interfacearea": "string",
- "instanceid": "string",
- "metric": "string",
- "routerpriorityelections": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "retransmitinterval": "string",
- "bfdenable": true,
- "id": "string"
}{- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "interfacearea": "string",
- "instanceid": "string",
- "metric": "string",
- "routerpriorityelections": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "retransmitinterval": "string",
- "bfdenable": true,
- "id": "string"
}{- "enable": true,
- "adjacencylog": true,
- "routerid": "string",
- "spfholdtime": "string",
- "spfdelay": "string",
- "enablesnmpagentx": true,
- "defaultarea": "string",
- "defaultareatype": "string",
- "row": [
- {
- "routevalue": "string",
- "routearea": "string"
}
], - "redistributeconnectedsubnets": true,
- "redistributeconnectedsubnets_metric": "string",
- "redistributeconnectedsubnets_metrictype": "string",
- "redistributeconnectedsubnets_routemap": "string",
- "redistributeconnectedsubnets_distlist": "string",
- "redistributekernel": true,
- "redistributekernel_metric": "string",
- "redistributekernel_metrictype": "string",
- "redistributekernel_routemap": "string",
- "redistributekernel_distlist": "string",
- "redistributebgp": true,
- "redistributebgp_metric": "string",
- "redistributebgp_metrictype": "string",
- "redistributebgp_routemap": "string",
- "redistributebgp_distlist": "string",
- "redistributerip": true,
- "redistributerip_metric": "string",
- "redistributerip_metrictype": "string",
- "redistributerip_routemap": "string",
- "redistributerip_distlist": "string",
- "redistributestatic": true,
- "redistributestatic_metric": "string",
- "redistributestatic_metrictype": "string",
- "redistributestatic_routemap": "string",
- "redistributestatic_distlist": "string",
- "redistributedefaultroute": true,
- "redistributedefaultroute_always": true,
- "redistributedefaultroute_metric": "string",
- "redistributedefaultroute_metrictype": "string",
- "redistributedefaultroute_routemap": "string",
- "rfc1583": true,
- "opaquelsa": true,
- "referencebandwidth": "string",
- "max_metric_administrative": true,
- "max_metric_startup": "string",
- "max_metric_shutdown": "string",
- "writemultiplier": "string",
- "abrtype": "string",
- "redistributeconnectedsubnets_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeconnectedsubnets_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributerip_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributerip_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributedefaultroute_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| enable | boolean Enable Enable OSPF Routing |
| adjacencylog | boolean Log Adjacency Changes If set to yes, adjacency changes will be written via syslog. |
| routerid | string Router ID Override the default Router ID. RID is the highest logical (loopback) IP address configured on a router. For more information on router identifiers see http://en.wikipedia.org/wiki/Open_Shortest_Path_First. |
| spfholdtime | string SPF Hold Time Set the SPF holdtime in milliseconds. The minimum time between two consecutive shortest path first calculations. (0-60000, Default: 1000) |
| spfdelay | string SPF Delay Set SPF delay in milliseconds. The delay between receiving an update to the link state database and starting the shortest path first calculation. (0-600000, Default: 200) |
| enablesnmpagentx | boolean (Modules) Enable SNMP AgentX Enable agentx support for accessing FRR Zebra data via SNMP with the net-snmp package. |
| defaultarea | string (Default Area) Default Area Default OSPF area for this instance of OSPF. Used when an area is required but not defined elsewhere. For more information on Areas see http://en.wikipedia.org/wiki/Open_Shortest_Path_First#Area_types. |
| defaultareatype | string (Default Area) Default Area Type (none, stub, nosum, nssa, nssanosum) Defines how the default area behaves |
Array of objects (FrrOspfdRow) | |
| redistributeconnectedsubnets | boolean (Route Redistribution) Connected Networks Redistribute Connected Networks |
| redistributeconnectedsubnets_metric | string (Route Redistribution) Metric Metric |
| redistributeconnectedsubnets_metrictype | string (Route Redistribution) Metric Type Metric Type 1/2 |
| redistributeconnectedsubnets_routemap | string (Route Redistribution) Route Map |
| redistributeconnectedsubnets_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributekernel | boolean (Route Redistribution) pfSense Kernel Routes Redistribute pfSense Kernel |
| redistributekernel_metric | string (Route Redistribution) Metric Metric |
| redistributekernel_metrictype | string (Route Redistribution) Metric Type Metric Type 1/2 |
| redistributekernel_routemap | string (Route Redistribution) Route Map |
| redistributekernel_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributebgp | boolean (Route Redistribution) BGP Routes Redistribute BGP |
| redistributebgp_metric | string (Route Redistribution) Metric Metric |
| redistributebgp_metrictype | string (Route Redistribution) Metric Type Metric Type 1/2 |
| redistributebgp_routemap | string (Route Redistribution) Route Map |
| redistributebgp_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributerip | boolean (Route Redistribution) RIP Routes Redistribute RIP |
| redistributerip_metric | string (Route Redistribution) Metric Metric |
| redistributerip_metrictype | string (Route Redistribution) Metric Type Metric Type 1/2 |
| redistributerip_routemap | string (Route Redistribution) Route Map |
| redistributerip_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributestatic | boolean (Route Redistribution) FRR Static Routes Redistribute FRR Static |
| redistributestatic_metric | string (Route Redistribution) Metric Metric |
| redistributestatic_metrictype | string (Route Redistribution) Metric Type Metric Type 1/2 |
| redistributestatic_routemap | string (Route Redistribution) Route Map |
| redistributestatic_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributedefaultroute | boolean (Default Route Redistribution) Redistribute Default Redistribute a Default route to neighbors |
| redistributedefaultroute_always | boolean (Default Route Redistribution) Always Redistribute Always distribute a default route, even if routing table contains no default. |
| redistributedefaultroute_metric | string (Default Route Redistribution) Default Metric Default route metric (0-16777214) |
| redistributedefaultroute_metrictype | string (Default Route Redistribution) Default Metric Type Default Metric Type (1 or 2) |
| redistributedefaultroute_routemap | string (Default Route Redistribution) Route Map Route Map used to filter default route redistribution. |
| rfc1583 | boolean (Advanced) RFC 1583 Compatibility If enabled, decisions regarding AS-external routes are evaluated according to RFC 1583/RFC 2328 (Section G.2). The default is no. |
| opaquelsa | boolean (Advanced) Opaque LSA Enables support for Opaque LSA messages. |
| referencebandwidth | string (Advanced) Reference Bandwidth Base value, in Mbit/s, used to calculate automatic interface costs. Must be set the same on all OSPF routers (1-4294967, default 100). |
| max_metric_administrative | boolean (Advanced) Max Metric Administratively Enable Max Metric |
| max_metric_startup | string (Advanced) Startup Seconds Max Metric Seconds at Startup (5-86400, blank to disable) |
| max_metric_shutdown | string (Advanced) Shutdown Seconds Max Metric Seconds at Shutdown (5-86400, blank to disable) |
| writemultiplier | string (Advanced) Write Multiplier Interfaces to process per write, (1-100, default 20) |
| abrtype | string (Advanced) ABR type (cisco, ibm, shortcut, standard) Defines the standard used when acting as an ABR |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "enable": true,
- "adjacencylog": true,
- "routerid": "string",
- "spfholdtime": "string",
- "spfdelay": "string",
- "enablesnmpagentx": true,
- "defaultarea": "string",
- "defaultareatype": "string",
- "row": [
- {
- "routevalue": "string",
- "routearea": "string"
}
], - "redistributeconnectedsubnets": true,
- "redistributeconnectedsubnets_metric": "string",
- "redistributeconnectedsubnets_metrictype": "string",
- "redistributeconnectedsubnets_routemap": "string",
- "redistributeconnectedsubnets_distlist": "string",
- "redistributekernel": true,
- "redistributekernel_metric": "string",
- "redistributekernel_metrictype": "string",
- "redistributekernel_routemap": "string",
- "redistributekernel_distlist": "string",
- "redistributebgp": true,
- "redistributebgp_metric": "string",
- "redistributebgp_metrictype": "string",
- "redistributebgp_routemap": "string",
- "redistributebgp_distlist": "string",
- "redistributerip": true,
- "redistributerip_metric": "string",
- "redistributerip_metrictype": "string",
- "redistributerip_routemap": "string",
- "redistributerip_distlist": "string",
- "redistributestatic": true,
- "redistributestatic_metric": "string",
- "redistributestatic_metrictype": "string",
- "redistributestatic_routemap": "string",
- "redistributestatic_distlist": "string",
- "redistributedefaultroute": true,
- "redistributedefaultroute_always": true,
- "redistributedefaultroute_metric": "string",
- "redistributedefaultroute_metrictype": "string",
- "redistributedefaultroute_routemap": "string",
- "rfc1583": true,
- "opaquelsa": true,
- "referencebandwidth": "string",
- "max_metric_administrative": true,
- "max_metric_startup": "string",
- "max_metric_shutdown": "string",
- "writemultiplier": "string",
- "abrtype": "string",
- "redistributeconnectedsubnets_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeconnectedsubnets_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributerip_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributerip_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributedefaultroute_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "adjacencylog": true,
- "routerid": "string",
- "spfholdtime": "string",
- "spfdelay": "string",
- "enablesnmpagentx": true,
- "defaultarea": "string",
- "defaultareatype": "string",
- "row": [
- {
- "routevalue": "string",
- "routearea": "string"
}
], - "redistributeconnectedsubnets": true,
- "redistributeconnectedsubnets_metric": "string",
- "redistributeconnectedsubnets_metrictype": "string",
- "redistributeconnectedsubnets_routemap": "string",
- "redistributeconnectedsubnets_distlist": "string",
- "redistributekernel": true,
- "redistributekernel_metric": "string",
- "redistributekernel_metrictype": "string",
- "redistributekernel_routemap": "string",
- "redistributekernel_distlist": "string",
- "redistributebgp": true,
- "redistributebgp_metric": "string",
- "redistributebgp_metrictype": "string",
- "redistributebgp_routemap": "string",
- "redistributebgp_distlist": "string",
- "redistributerip": true,
- "redistributerip_metric": "string",
- "redistributerip_metrictype": "string",
- "redistributerip_routemap": "string",
- "redistributerip_distlist": "string",
- "redistributestatic": true,
- "redistributestatic_metric": "string",
- "redistributestatic_metrictype": "string",
- "redistributestatic_routemap": "string",
- "redistributestatic_distlist": "string",
- "redistributedefaultroute": true,
- "redistributedefaultroute_always": true,
- "redistributedefaultroute_metric": "string",
- "redistributedefaultroute_metrictype": "string",
- "redistributedefaultroute_routemap": "string",
- "rfc1583": true,
- "opaquelsa": true,
- "referencebandwidth": "string",
- "max_metric_administrative": true,
- "max_metric_startup": "string",
- "max_metric_shutdown": "string",
- "writemultiplier": "string",
- "abrtype": "string",
- "redistributeconnectedsubnets_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeconnectedsubnets_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributerip_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributerip_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributedefaultroute_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "ospfd6areas": [
- {
- "area": "string",
- "descr": "string",
- "type": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}
], - "exportlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "importlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_out_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_in_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| area | string (Area Options) Area The ID for this area. |
| descr | string (Area Options) Description |
| type | string (Area Options) Area Type (none, stub, nosum) Defines how this area behaves |
Array of objects (FrrOspfd6AreasRow) | |
| exportlist | string (ABR Summary Route Filtering) Export List Uses this access list to filter summary route information transmitted to OSPF peers when acting as an ABR |
| importlist | string (ABR Summary Route Filtering) Import List Uses this access list to filter summary route information received from OSPF peers when acting as an ABR |
| filterlist_out | string (ABR Summary Route Filtering) Filter List (Out) Uses a prefix list to filter summary route information transmitted to OSPF peers when acting as an ABR |
| filterlist_in | string (ABR Summary Route Filtering) Filter List (In) Uses a prefix list to filter summary route information received from OSPF peers when acting as an ABR |
| id | string (readonly) ID |
{- "area": "string",
- "descr": "string",
- "type": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}{- "area": "string",
- "descr": "string",
- "type": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}| id required | string |
| area | string (Area Options) Area The ID for this area. |
| descr | string (Area Options) Description |
| type | string (Area Options) Area Type (none, stub, nosum) Defines how this area behaves |
Array of objects (FrrOspfd6AreasRow) | |
| exportlist | string (ABR Summary Route Filtering) Export List Uses this access list to filter summary route information transmitted to OSPF peers when acting as an ABR |
| importlist | string (ABR Summary Route Filtering) Import List Uses this access list to filter summary route information received from OSPF peers when acting as an ABR |
| filterlist_out | string (ABR Summary Route Filtering) Filter List (Out) Uses a prefix list to filter summary route information transmitted to OSPF peers when acting as an ABR |
| filterlist_in | string (ABR Summary Route Filtering) Filter List (In) Uses a prefix list to filter summary route information received from OSPF peers when acting as an ABR |
| id | string (readonly) ID |
{- "area": "string",
- "descr": "string",
- "type": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}{- "area": "string",
- "descr": "string",
- "type": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}{- "ospfdareas": [
- {
- "area": "string",
- "descr": "string",
- "type": "string",
- "defaultcost": "string",
- "shortcut": "string",
- "authtype": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "subprefix": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}
], - "exportlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "importlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_out_options": [
- {
- "value": "string",
- "text": "string"
}
], - "filterlist_in_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| area | string (Area Options) Area The ID for this area. |
| descr | string (Area Options) Description |
| type | string (Area Options) Area Type (none, stub, nosum, nssa, nssanosum) Defines how this area behaves |
| defaultcost | string (Area Options) Default Route Cost Cost applied to default route summary LSA messages sent to stub areas (0-16777215) |
| shortcut | string (Area Options) ABR Shortcut (default, enable, disable) Advertises the area as capable of using ABR shortcut behavior, if enabled in the OSPF Advanced Settings |
| authtype | string (Authentication) Authentication Type (, digest, simple) The type of OSPF authentication used by all routers in this area. This type must match all neighbors. Using Message Digest is the best practice as Simple Password authentication is weak. |
Array of objects (FrrOspfdAreasRow) | |
| exportlist | string (ABR Summary Route Filtering) Export List Uses this access list to filter summary route information transmitted to OSPF peers when acting as an ABR |
| importlist | string (ABR Summary Route Filtering) Import List Uses this access list to filter summary route information received from OSPF peers when acting as an ABR |
| filterlist_out | string (ABR Summary Route Filtering) Filter List (Out) Uses a prefix list to filter summary route information transmitted to OSPF peers when acting as an ABR |
| filterlist_in | string (ABR Summary Route Filtering) Filter List (In) Uses a prefix list to filter summary route information received from OSPF peers when acting as an ABR |
| id | string (readonly) ID |
{- "area": "string",
- "descr": "string",
- "type": "string",
- "defaultcost": "string",
- "shortcut": "string",
- "authtype": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "subprefix": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}{- "area": "string",
- "descr": "string",
- "type": "string",
- "defaultcost": "string",
- "shortcut": "string",
- "authtype": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "subprefix": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}| id required | string |
| area | string (Area Options) Area The ID for this area. |
| descr | string (Area Options) Description |
| type | string (Area Options) Area Type (none, stub, nosum, nssa, nssanosum) Defines how this area behaves |
| defaultcost | string (Area Options) Default Route Cost Cost applied to default route summary LSA messages sent to stub areas (0-16777215) |
| shortcut | string (Area Options) ABR Shortcut (default, enable, disable) Advertises the area as capable of using ABR shortcut behavior, if enabled in the OSPF Advanced Settings |
| authtype | string (Authentication) Authentication Type (, digest, simple) The type of OSPF authentication used by all routers in this area. This type must match all neighbors. Using Message Digest is the best practice as Simple Password authentication is weak. |
Array of objects (FrrOspfdAreasRow) | |
| exportlist | string (ABR Summary Route Filtering) Export List Uses this access list to filter summary route information transmitted to OSPF peers when acting as an ABR |
| importlist | string (ABR Summary Route Filtering) Import List Uses this access list to filter summary route information received from OSPF peers when acting as an ABR |
| filterlist_out | string (ABR Summary Route Filtering) Filter List (Out) Uses a prefix list to filter summary route information transmitted to OSPF peers when acting as an ABR |
| filterlist_in | string (ABR Summary Route Filtering) Filter List (In) Uses a prefix list to filter summary route information received from OSPF peers when acting as an ABR |
| id | string (readonly) ID |
{- "area": "string",
- "descr": "string",
- "type": "string",
- "defaultcost": "string",
- "shortcut": "string",
- "authtype": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "subprefix": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}{- "area": "string",
- "descr": "string",
- "type": "string",
- "defaultcost": "string",
- "shortcut": "string",
- "authtype": "string",
- "row": [
- {
- "rangeprefix": "string",
- "rangenotadvertise": "string",
- "rangecost": "string",
- "subprefix": "string",
- "id": "string"
}
], - "exportlist": "string",
- "importlist": "string",
- "filterlist_out": "string",
- "filterlist_in": "string",
- "id": "string"
}{- "ospfdinterfaces": [
- {
- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "metric": "string",
- "interfacearea": "string",
- "acceptfilter": true,
- "authtype": "string",
- "password": "string",
- "routerpriorityelections": "string",
- "retransmitinterval": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "minimalhello": "string",
- "bfdenable": true,
- "id": "string"
}
], - "interface_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| interface | string (Interface Options) Interface Enter the desired participating interface here. |
| descr | string (Interface Options) Description |
| networktype | string (Interface Options) Network Type (, broadcast, non-broadcast, point-to-multipoint, point-to-point) Select OSPF Network Type of the interface. |
| passive | boolean (Interface Options) Interface is Passive Prevent transmission and reception of OSPF packets on this interface. The specified interface will be announced as a stub network. |
| mtuignore | boolean (Interface Options) Ignore MTU Ignore MTU values for OSPF peers on this interface. Allows OSPF to form full adjacencies even when there is an MTU mismatch. |
| metric | string (OSPF Interface Handling) Metric Metric (Cost) for this OSPF interface (leave blank for default). |
| interfacearea | string (OSPF Interface Handling) Area The area for this interface (leave blank for default). |
| acceptfilter | boolean (OSPF Interface Handling) Accept Filter Prevent routes for this interface subnet or IP address from being distributed by OSPF (Suggested for Multi-WAN environments). |
| authtype | string (Authentication) Authentication Type (, digest, simple, null) The type of OSPF authentication to use on this interface. This type must match all neighbors reachable through this interface. Using Message Digest is the best practice as Simple Password authentication is weak. |
| password | string (Authentication) Password Password to use with Simple Password or Message Digest authentication. This value must match all neighbors reachable through this interface. Simple passwords may be up to 8 characters, Message Digest passwords (keys) may be up to 16 characters. |
| routerpriorityelections | string (Advanced) Router Priority Router priority when participating in elections for DR (0-255, Default 1) 0 will cause the router to not participate in election. |
| retransmitinterval | string (Advanced) Retransmit Interval Retransmit Interval this OSPF interface in seconds (3-65535, Default 5). |
| hellointervalinseconds | string (Advanced) Hello Interval Hello Interval this OSPF interface in seconds (1-65535, Default 10). |
| deadtimer | string (Advanced) Dead Interval Dead Interval for this OSPF interface in seconds (1-65535, Default 40). |
| minimalhello | string (Advanced) Minimal Hello Minimal Hello multiplier for this OSPF interface in seconds (1-10, Default disabled). Overrides the Hello Interval and Dead Interval and instead sends this number of Hello messages per second. |
| bfdenable | boolean (BFD) BFD Enable Listen for BFD events on peers created on the interface. When OSPF finds a new neighbor, it creates a BFD peer to monitor the link status for fast convergence. |
| id | string (readonly) ID assigned to this entry |
{- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "metric": "string",
- "interfacearea": "string",
- "acceptfilter": true,
- "authtype": "string",
- "password": "string",
- "routerpriorityelections": "string",
- "retransmitinterval": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "minimalhello": "string",
- "bfdenable": true,
- "id": "string"
}{- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "metric": "string",
- "interfacearea": "string",
- "acceptfilter": true,
- "authtype": "string",
- "password": "string",
- "routerpriorityelections": "string",
- "retransmitinterval": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "minimalhello": "string",
- "bfdenable": true,
- "id": "string"
}| id required | string |
| interface | string (Interface Options) Interface Enter the desired participating interface here. |
| descr | string (Interface Options) Description |
| networktype | string (Interface Options) Network Type (, broadcast, non-broadcast, point-to-multipoint, point-to-point) Select OSPF Network Type of the interface. |
| passive | boolean (Interface Options) Interface is Passive Prevent transmission and reception of OSPF packets on this interface. The specified interface will be announced as a stub network. |
| mtuignore | boolean (Interface Options) Ignore MTU Ignore MTU values for OSPF peers on this interface. Allows OSPF to form full adjacencies even when there is an MTU mismatch. |
| metric | string (OSPF Interface Handling) Metric Metric (Cost) for this OSPF interface (leave blank for default). |
| interfacearea | string (OSPF Interface Handling) Area The area for this interface (leave blank for default). |
| acceptfilter | boolean (OSPF Interface Handling) Accept Filter Prevent routes for this interface subnet or IP address from being distributed by OSPF (Suggested for Multi-WAN environments). |
| authtype | string (Authentication) Authentication Type (, digest, simple, null) The type of OSPF authentication to use on this interface. This type must match all neighbors reachable through this interface. Using Message Digest is the best practice as Simple Password authentication is weak. |
| password | string (Authentication) Password Password to use with Simple Password or Message Digest authentication. This value must match all neighbors reachable through this interface. Simple passwords may be up to 8 characters, Message Digest passwords (keys) may be up to 16 characters. |
| routerpriorityelections | string (Advanced) Router Priority Router priority when participating in elections for DR (0-255, Default 1) 0 will cause the router to not participate in election. |
| retransmitinterval | string (Advanced) Retransmit Interval Retransmit Interval this OSPF interface in seconds (3-65535, Default 5). |
| hellointervalinseconds | string (Advanced) Hello Interval Hello Interval this OSPF interface in seconds (1-65535, Default 10). |
| deadtimer | string (Advanced) Dead Interval Dead Interval for this OSPF interface in seconds (1-65535, Default 40). |
| minimalhello | string (Advanced) Minimal Hello Minimal Hello multiplier for this OSPF interface in seconds (1-10, Default disabled). Overrides the Hello Interval and Dead Interval and instead sends this number of Hello messages per second. |
| bfdenable | boolean (BFD) BFD Enable Listen for BFD events on peers created on the interface. When OSPF finds a new neighbor, it creates a BFD peer to monitor the link status for fast convergence. |
| id | string (readonly) ID assigned to this entry |
{- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "metric": "string",
- "interfacearea": "string",
- "acceptfilter": true,
- "authtype": "string",
- "password": "string",
- "routerpriorityelections": "string",
- "retransmitinterval": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "minimalhello": "string",
- "bfdenable": true,
- "id": "string"
}{- "interface": "string",
- "descr": "string",
- "networktype": "string",
- "passive": true,
- "mtuignore": true,
- "metric": "string",
- "interfacearea": "string",
- "acceptfilter": true,
- "authtype": "string",
- "password": "string",
- "routerpriorityelections": "string",
- "retransmitinterval": "string",
- "hellointervalinseconds": "string",
- "deadtimer": "string",
- "minimalhello": "string",
- "bfdenable": true,
- "id": "string"
}| neighbor | string (OSPF Neighbors) OSPF Neighbor IPv4 Address |
| descr | string (OSPF Neighbors) Description |
| priority | string (OSPF Neighbors) Neighbor Priority (0-255) Priority |
| pollinginterval | string (OSPF Neighbors) Dead Neighbor Polling interval (1-65535) Seconds |
| id | string (readonly) ID assigned to this entry |
{- "neighbor": "string",
- "descr": "string",
- "priority": "string",
- "pollinginterval": "string",
- "id": "string"
}{- "neighbor": "string",
- "descr": "string",
- "priority": "string",
- "pollinginterval": "string",
- "id": "string"
}| id required | string |
| neighbor | string (OSPF Neighbors) OSPF Neighbor IPv4 Address |
| descr | string (OSPF Neighbors) Description |
| priority | string (OSPF Neighbors) Neighbor Priority (0-255) Priority |
| pollinginterval | string (OSPF Neighbors) Dead Neighbor Polling interval (1-65535) Seconds |
| id | string (readonly) ID assigned to this entry |
{- "neighbor": "string",
- "descr": "string",
- "priority": "string",
- "pollinginterval": "string",
- "id": "string"
}{- "neighbor": "string",
- "descr": "string",
- "priority": "string",
- "pollinginterval": "string",
- "id": "string"
}{- "enable": true,
- "row": [
- {
- "routevalue": "string"
}
], - "redistributeconnectedsubnets": true,
- "redistributeconnectedsubnets_metric": "string",
- "redistributeconnectedsubnets_routemap": "string",
- "redistributeconnectedsubnets_distlist": "string",
- "redistributekernel": true,
- "redistributekernel_metric": "string",
- "redistributekernel_routemap": "string",
- "redistributekernel_distlist": "string",
- "redistributebgp": true,
- "redistributebgp_metric": "string",
- "redistributebgp_routemap": "string",
- "redistributebgp_distlist": "string",
- "redistributeospf": true,
- "redistributeospf_metric": "string",
- "redistributeospf_routemap": "string",
- "redistributeospf_distlist": "string",
- "redistributestatic": true,
- "redistributestatic_metric": "string",
- "redistributestatic_routemap": "string",
- "redistributestatic_distlist": "string",
- "redistributedefaultroute": true,
- "ripversion": "string",
- "inoffsetlist": "string",
- "inmetricvalue": "string",
- "outoffsetlist": "string",
- "outmetricvalue": "string",
- "redistributeconnectedsubnets_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeconnectedsubnets_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "inoffsetlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "outoffsetlist_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| enable | boolean Enable Enable RIP Routing |
Array of objects (FrrRipdRow) | |
| redistributeconnectedsubnets | boolean (Route Redistribution) Connected Networks Redistribute Connected Networks |
| redistributeconnectedsubnets_metric | string (Route Redistribution) Metric (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16) Metric |
| redistributeconnectedsubnets_routemap | string (Route Redistribution) Route Map |
| redistributeconnectedsubnets_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributekernel | boolean (Route Redistribution) pfSense Kernel Routes Redistribute pfSense Kernel |
| redistributekernel_metric | string (Route Redistribution) Metric (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16) Metric |
| redistributekernel_routemap | string (Route Redistribution) Route Map |
| redistributekernel_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributebgp | boolean (Route Redistribution) BGP Routes Redistribute BGP |
| redistributebgp_metric | string (Route Redistribution) Metric (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16) Metric |
| redistributebgp_routemap | string (Route Redistribution) Route Map |
| redistributebgp_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributeospf | boolean (Route Redistribution) OSPF Routes Redistribute OSPF |
| redistributeospf_metric | string (Route Redistribution) Metric (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16) Metric |
| redistributeospf_routemap | string (Route Redistribution) Route Map |
| redistributeospf_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributestatic | boolean (Route Redistribution) FRR Static Routes Redistribute FRR Static |
| redistributestatic_metric | string (Route Redistribution) Metric (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16) Metric |
| redistributestatic_routemap | string (Route Redistribution) Route Map |
| redistributestatic_distlist | string (Route Redistribution) Distribute List Distribute List |
| redistributedefaultroute | boolean (Default Route Redistribution) Redistribute Default Redistribute a Default route to neighbors |
| ripversion | string (Advanced) RIP Version (2, 1) Defines RIP version. |
| inoffsetlist | string (Advanced) Incoming Offset List Incoming Updates Offset List |
| inmetricvalue | string (Advanced) Metric Value (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16) In Offset Metric Value |
| outoffsetlist | string (Advanced) Outgoing Offset List Outgoing Updates Offset List |
| outmetricvalue | string (Advanced) Metric Value (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16) In Offset Metric Value |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "enable": true,
- "row": [
- {
- "routevalue": "string"
}
], - "redistributeconnectedsubnets": true,
- "redistributeconnectedsubnets_metric": "string",
- "redistributeconnectedsubnets_routemap": "string",
- "redistributeconnectedsubnets_distlist": "string",
- "redistributekernel": true,
- "redistributekernel_metric": "string",
- "redistributekernel_routemap": "string",
- "redistributekernel_distlist": "string",
- "redistributebgp": true,
- "redistributebgp_metric": "string",
- "redistributebgp_routemap": "string",
- "redistributebgp_distlist": "string",
- "redistributeospf": true,
- "redistributeospf_metric": "string",
- "redistributeospf_routemap": "string",
- "redistributeospf_distlist": "string",
- "redistributestatic": true,
- "redistributestatic_metric": "string",
- "redistributestatic_routemap": "string",
- "redistributestatic_distlist": "string",
- "redistributedefaultroute": true,
- "ripversion": "string",
- "inoffsetlist": "string",
- "inmetricvalue": "string",
- "outoffsetlist": "string",
- "outmetricvalue": "string",
- "redistributeconnectedsubnets_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeconnectedsubnets_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "inoffsetlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "outoffsetlist_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "row": [
- {
- "routevalue": "string"
}
], - "redistributeconnectedsubnets": true,
- "redistributeconnectedsubnets_metric": "string",
- "redistributeconnectedsubnets_routemap": "string",
- "redistributeconnectedsubnets_distlist": "string",
- "redistributekernel": true,
- "redistributekernel_metric": "string",
- "redistributekernel_routemap": "string",
- "redistributekernel_distlist": "string",
- "redistributebgp": true,
- "redistributebgp_metric": "string",
- "redistributebgp_routemap": "string",
- "redistributebgp_distlist": "string",
- "redistributeospf": true,
- "redistributeospf_metric": "string",
- "redistributeospf_routemap": "string",
- "redistributeospf_distlist": "string",
- "redistributestatic": true,
- "redistributestatic_metric": "string",
- "redistributestatic_routemap": "string",
- "redistributestatic_distlist": "string",
- "redistributedefaultroute": true,
- "ripversion": "string",
- "inoffsetlist": "string",
- "inmetricvalue": "string",
- "outoffsetlist": "string",
- "outmetricvalue": "string",
- "redistributeconnectedsubnets_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeconnectedsubnets_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributekernel_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributebgp_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributeospf_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_routemap_options": [
- {
- "value": "string",
- "text": "string"
}
], - "redistributestatic_distlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "inoffsetlist_options": [
- {
- "value": "string",
- "text": "string"
}
], - "outoffsetlist_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "ripdinterfaces": [
- {
- "interface": "string",
- "descr": "string",
- "passive": true,
- "authtype": "string",
- "password": "string",
- "splithorizon": "string",
- "sendbroadcast": true,
- "sendversion": "string",
- "receiveversion": "string",
- "id": "string"
}
], - "interface_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| interface | string (Interface Options) Interface Enter the desired participating interface here. |
| descr | string (Interface Options) Description |
| passive | boolean (Interface Options) Interface is Passive Prevent transmission of RIP packets on this interface. |
| authtype | string (Authentication) Authentication Type (, digest, simple) The type of RIP authentication to use on this interface. This type must match all neighbors reachable through this interface. Using Message Digest is the best practice as Simple Password authentication is weak. |
| password | string (Authentication) Password Password to use with Simple Password or Message Digest authentication. This value must match all neighbors reachable through this interface. Passwords may be up to 16 characters. |
| splithorizon | string (Advanced) Split Horizon (none, splithorizon, reversepoison) Perform Split Horizon. |
| sendbroadcast | boolean (Advanced) Send Broadcast Send Broadcast updates instead of multicast for RIPv2. |
| sendversion | string (Advanced) Send Version (2, 1, 1 2, none) Advertisement transmission version. |
| receiveversion | string (Advanced) Receive Version (2, 1, 1 2, none) Advertisement reception version. |
| id | string (readonly) ID assigned to this entry |
{- "interface": "string",
- "descr": "string",
- "passive": true,
- "authtype": "string",
- "password": "string",
- "splithorizon": "string",
- "sendbroadcast": true,
- "sendversion": "string",
- "receiveversion": "string",
- "id": "string"
}{- "interface": "string",
- "descr": "string",
- "passive": true,
- "authtype": "string",
- "password": "string",
- "splithorizon": "string",
- "sendbroadcast": true,
- "sendversion": "string",
- "receiveversion": "string",
- "id": "string"
}| id required | string |
| interface | string (Interface Options) Interface Enter the desired participating interface here. |
| descr | string (Interface Options) Description |
| passive | boolean (Interface Options) Interface is Passive Prevent transmission of RIP packets on this interface. |
| authtype | string (Authentication) Authentication Type (, digest, simple) The type of RIP authentication to use on this interface. This type must match all neighbors reachable through this interface. Using Message Digest is the best practice as Simple Password authentication is weak. |
| password | string (Authentication) Password Password to use with Simple Password or Message Digest authentication. This value must match all neighbors reachable through this interface. Passwords may be up to 16 characters. |
| splithorizon | string (Advanced) Split Horizon (none, splithorizon, reversepoison) Perform Split Horizon. |
| sendbroadcast | boolean (Advanced) Send Broadcast Send Broadcast updates instead of multicast for RIPv2. |
| sendversion | string (Advanced) Send Version (2, 1, 1 2, none) Advertisement transmission version. |
| receiveversion | string (Advanced) Receive Version (2, 1, 1 2, none) Advertisement reception version. |
| id | string (readonly) ID assigned to this entry |
{- "interface": "string",
- "descr": "string",
- "passive": true,
- "authtype": "string",
- "password": "string",
- "splithorizon": "string",
- "sendbroadcast": true,
- "sendversion": "string",
- "receiveversion": "string",
- "id": "string"
}{- "interface": "string",
- "descr": "string",
- "passive": true,
- "authtype": "string",
- "password": "string",
- "splithorizon": "string",
- "sendbroadcast": true,
- "sendversion": "string",
- "receiveversion": "string",
- "id": "string"
}| neighbor | string (RIP Neighbors) RIP Neighbor IPv4 Address |
| descr | string (RIP Neighbors) Description |
| id | string (readonly) ID assigned to this entry |
{- "neighbor": "string",
- "descr": "string",
- "id": "string"
}{- "neighbor": "string",
- "descr": "string",
- "id": "string"
}| id required | string |
| neighbor | string (RIP Neighbors) RIP Neighbor IPv4 Address |
| descr | string (RIP Neighbors) Description |
| id | string (readonly) ID assigned to this entry |
{- "neighbor": "string",
- "descr": "string",
- "id": "string"
}{- "neighbor": "string",
- "descr": "string",
- "id": "string"
}| action | string (start, stop, restart, reload) action to perform on the FRR service |
{- "action": "string"
}{- "result": "string"
}| name | string File Name Unique name for this file. Used to reference it from error file configurations. |
| type | string File Type (errorfile, luascript, writetodisk) Type of HAProxy file.
|
| content | string File Content Content of the file. For error files, this should include the complete HTTP response including status line and headers. |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "type": "string",
- "content": "string",
- "id": "string"
}{- "name": "string",
- "type": "string",
- "content": "string",
- "id": "string"
}| id required | string |
| name | string File Name Unique name for this file. Used to reference it from error file configurations. |
| type | string File Type (errorfile, luascript, writetodisk) Type of HAProxy file.
|
| content | string File Content Content of the file. For error files, this should include the complete HTTP response including status line and headers. |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "type": "string",
- "content": "string",
- "id": "string"
}{- "name": "string",
- "type": "string",
- "content": "string",
- "id": "string"
}{- "frontends": [
- {
- "name": "string",
- "descr": "string",
- "status": "string",
- "type": "string",
- "secondary": true,
- "primary_frontend": "string",
- "backend_serverpool": "string",
- "maxconn": "string",
- "bind_addresses": [
- {
- "extaddr": "string",
- "extaddr_custom": "string",
- "extaddr_port": "string",
- "extaddr_ssl": true,
- "extaddr_advanced": "string"
}
], - "forwardfor": true,
- "httpclose": "string",
- "dontlognull": true,
- "dontlog_normal": true,
- "log_separate_errors": true,
- "log_detailed": true,
- "socket_stats": true,
- "client_timeout": "string",
- "ssloffload": true,
- "ssloffloadcert": "string",
- "sslsnifilter": "string",
- "ssl_crtlist_advanced": "string",
- "dcertadv": "string",
- "ssloffloadacl": true,
- "ssloffloadacl_an": true,
- "ssloffloadacladditional": true,
- "ssloffloadacladditional_an": true,
- "sslclientcert_none": true,
- "sslclientcert_invalid": true,
- "sslocsp": true,
- "ha_certificates": [
- {
- "ssl_certificate": "string"
}
], - "clientcert_ca": [
- {
- "cert_ca": "string"
}
], - "clientcert_crl": [
- {
- "cert_crl": "string"
}
], - "ha_acls": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "a_errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced_bind": "string",
- "advanced": "string",
- "id": "string"
}
], - "backend_serverpool_options": [
- {
- "value": "string",
- "text": "string"
}
], - "primary_frontend_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_certificate_options": [
- {
- "value": "string",
- "text": "string"
}
], - "client_ca_options": [
- {
- "value": "string",
- "text": "string"
}
], - "client_crl_options": [
- {
- "value": "string",
- "text": "string"
}
], - "extaddr_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| name | string Name Unique name for this frontend. Used as identifier in HAProxy configuration. |
| descr | string Description Optional description of this frontend's purpose. |
| status | string Status (active, disabled) Whether this frontend is active or disabled in the HAProxy configuration. |
| type | string Type (http, https, tcp) Protocol mode for this frontend.
|
| secondary | boolean Secondary Frontend When true, this frontend is a secondary that shares settings with a primary frontend. |
| primary_frontend | string Primary Frontend Name of the primary frontend this secondary frontend shares settings with. Only applicable when secondary is true. |
| backend_serverpool | string Default Backend Name of the default backend pool to use when no ACL-based action matches. |
| maxconn | string Maximum Connections Maximum number of concurrent connections for this frontend. |
Array of objects (HaproxyBindAddress) | |
| forwardfor | boolean X-Forwarded-For Add X-Forwarded-For header containing the client's IP address. |
| httpclose | string Connection Mode (http-keep-alive, http-tunnel, httpclose, http-server-close, forceclose) HTTP connection handling mode.
|
| dontlognull | boolean Don't Log Null Connections Skip logging for connections that transfer no data (probes, health checks). |
| dontlog_normal | boolean Don't Log Normal Skip logging for normal, successful connections. Only log errors. |
| log_separate_errors | boolean Log Separate Errors Log connection errors and timeouts to a separate log facility. |
| log_detailed | boolean Detailed Logging Enable verbose logging with additional connection and request details. |
| socket_stats | boolean Socket Statistics Enable per-socket statistics for this frontend. |
| client_timeout | string Client Timeout Maximum time to wait for data from the client, in milliseconds. |
| ssloffload | boolean SSL Offloading Enable SSL/TLS termination on this frontend. |
| ssloffloadcert | string SSL Certificate Reference ID of the primary SSL certificate for this frontend. |
| sslsnifilter | string SNI Filter Enable SNI-based certificate selection for this frontend. |
| ssl_crtlist_advanced | string Advanced Certificate List Raw crt-list directives for advanced certificate configuration. |
| dcertadv | string Default Certificate Advanced Advanced options appended to the default certificate's bind line. |
| ssloffloadacl | boolean SSL ACL Name Add ACL for certificate CommonName. (host header matches the "CN" of the certificate. |
| ssloffloadacl_an | boolean SSL ACL Additional Name Add ACL for certificate Subject Alternative Names. |
| ssloffloadacladditional | boolean SSL ACL Additional CN Add ACL for certificate CommonName. (host header matches the "CN" of the certificate) |
| ssloffloadacladditional_an | boolean SSL ACL Additional SAN Add ACL for certificate Subject Alternative Names. |
| sslclientcert_none | boolean Without client cert Allows clients without a certificate to connect. |
| sslclientcert_invalid | boolean Client Certificate Invalid Action Allows client with a invalid/expired/revoked or otherwise wrong certificate to connect. |
| sslocsp | boolean OCSP Certificate Load certificate OCSP responses for easy certificate validation by the client. |
Array of objects (HaproxyCertificate) | |
Array of objects (HaproxyClientCa) | |
Array of objects (HaproxyClientCrl) | |
Array of objects (HaproxyAcl) | |
Array of objects (HaproxyAction) | |
Array of objects (HaproxyErrorFile) | |
| advanced_bind | string Bind Pass Thru Additional parameters appended to all bind lines in this frontend. |
| advanced | string Advanced Pass Thru Base64-encoded raw HAProxy configuration appended to this frontend section. |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "status": "string",
- "type": "string",
- "secondary": true,
- "primary_frontend": "string",
- "backend_serverpool": "string",
- "maxconn": "string",
- "bind_addresses": [
- {
- "extaddr": "string",
- "extaddr_custom": "string",
- "extaddr_port": "string",
- "extaddr_ssl": true,
- "extaddr_advanced": "string"
}
], - "forwardfor": true,
- "httpclose": "string",
- "dontlognull": true,
- "dontlog_normal": true,
- "log_separate_errors": true,
- "log_detailed": true,
- "socket_stats": true,
- "client_timeout": "string",
- "ssloffload": true,
- "ssloffloadcert": "string",
- "sslsnifilter": "string",
- "ssl_crtlist_advanced": "string",
- "dcertadv": "string",
- "ssloffloadacl": true,
- "ssloffloadacl_an": true,
- "ssloffloadacladditional": true,
- "ssloffloadacladditional_an": true,
- "sslclientcert_none": true,
- "sslclientcert_invalid": true,
- "sslocsp": true,
- "ha_certificates": [
- {
- "ssl_certificate": "string"
}
], - "clientcert_ca": [
- {
- "cert_ca": "string"
}
], - "clientcert_crl": [
- {
- "cert_crl": "string"
}
], - "ha_acls": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "a_errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced_bind": "string",
- "advanced": "string",
- "id": "string"
}{- "name": "string",
- "descr": "string",
- "status": "string",
- "type": "string",
- "secondary": true,
- "primary_frontend": "string",
- "backend_serverpool": "string",
- "maxconn": "string",
- "bind_addresses": [
- {
- "extaddr": "string",
- "extaddr_custom": "string",
- "extaddr_port": "string",
- "extaddr_ssl": true,
- "extaddr_advanced": "string"
}
], - "forwardfor": true,
- "httpclose": "string",
- "dontlognull": true,
- "dontlog_normal": true,
- "log_separate_errors": true,
- "log_detailed": true,
- "socket_stats": true,
- "client_timeout": "string",
- "ssloffload": true,
- "ssloffloadcert": "string",
- "sslsnifilter": "string",
- "ssl_crtlist_advanced": "string",
- "dcertadv": "string",
- "ssloffloadacl": true,
- "ssloffloadacl_an": true,
- "ssloffloadacladditional": true,
- "ssloffloadacladditional_an": true,
- "sslclientcert_none": true,
- "sslclientcert_invalid": true,
- "sslocsp": true,
- "ha_certificates": [
- {
- "ssl_certificate": "string"
}
], - "clientcert_ca": [
- {
- "cert_ca": "string"
}
], - "clientcert_crl": [
- {
- "cert_crl": "string"
}
], - "ha_acls": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "a_errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced_bind": "string",
- "advanced": "string",
- "id": "string"
}| id required | string |
| name | string Name Unique name for this frontend. Used as identifier in HAProxy configuration. |
| descr | string Description Optional description of this frontend's purpose. |
| status | string Status (active, disabled) Whether this frontend is active or disabled in the HAProxy configuration. |
| type | string Type (http, https, tcp) Protocol mode for this frontend.
|
| secondary | boolean Secondary Frontend When true, this frontend is a secondary that shares settings with a primary frontend. |
| primary_frontend | string Primary Frontend Name of the primary frontend this secondary frontend shares settings with. Only applicable when secondary is true. |
| backend_serverpool | string Default Backend Name of the default backend pool to use when no ACL-based action matches. |
| maxconn | string Maximum Connections Maximum number of concurrent connections for this frontend. |
Array of objects (HaproxyBindAddress) | |
| forwardfor | boolean X-Forwarded-For Add X-Forwarded-For header containing the client's IP address. |
| httpclose | string Connection Mode (http-keep-alive, http-tunnel, httpclose, http-server-close, forceclose) HTTP connection handling mode.
|
| dontlognull | boolean Don't Log Null Connections Skip logging for connections that transfer no data (probes, health checks). |
| dontlog_normal | boolean Don't Log Normal Skip logging for normal, successful connections. Only log errors. |
| log_separate_errors | boolean Log Separate Errors Log connection errors and timeouts to a separate log facility. |
| log_detailed | boolean Detailed Logging Enable verbose logging with additional connection and request details. |
| socket_stats | boolean Socket Statistics Enable per-socket statistics for this frontend. |
| client_timeout | string Client Timeout Maximum time to wait for data from the client, in milliseconds. |
| ssloffload | boolean SSL Offloading Enable SSL/TLS termination on this frontend. |
| ssloffloadcert | string SSL Certificate Reference ID of the primary SSL certificate for this frontend. |
| sslsnifilter | string SNI Filter Enable SNI-based certificate selection for this frontend. |
| ssl_crtlist_advanced | string Advanced Certificate List Raw crt-list directives for advanced certificate configuration. |
| dcertadv | string Default Certificate Advanced Advanced options appended to the default certificate's bind line. |
| ssloffloadacl | boolean SSL ACL Name Add ACL for certificate CommonName. (host header matches the "CN" of the certificate. |
| ssloffloadacl_an | boolean SSL ACL Additional Name Add ACL for certificate Subject Alternative Names. |
| ssloffloadacladditional | boolean SSL ACL Additional CN Add ACL for certificate CommonName. (host header matches the "CN" of the certificate) |
| ssloffloadacladditional_an | boolean SSL ACL Additional SAN Add ACL for certificate Subject Alternative Names. |
| sslclientcert_none | boolean Without client cert Allows clients without a certificate to connect. |
| sslclientcert_invalid | boolean Client Certificate Invalid Action Allows client with a invalid/expired/revoked or otherwise wrong certificate to connect. |
| sslocsp | boolean OCSP Certificate Load certificate OCSP responses for easy certificate validation by the client. |
Array of objects (HaproxyCertificate) | |
Array of objects (HaproxyClientCa) | |
Array of objects (HaproxyClientCrl) | |
Array of objects (HaproxyAcl) | |
Array of objects (HaproxyAction) | |
Array of objects (HaproxyErrorFile) | |
| advanced_bind | string Bind Pass Thru Additional parameters appended to all bind lines in this frontend. |
| advanced | string Advanced Pass Thru Base64-encoded raw HAProxy configuration appended to this frontend section. |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "descr": "string",
- "status": "string",
- "type": "string",
- "secondary": true,
- "primary_frontend": "string",
- "backend_serverpool": "string",
- "maxconn": "string",
- "bind_addresses": [
- {
- "extaddr": "string",
- "extaddr_custom": "string",
- "extaddr_port": "string",
- "extaddr_ssl": true,
- "extaddr_advanced": "string"
}
], - "forwardfor": true,
- "httpclose": "string",
- "dontlognull": true,
- "dontlog_normal": true,
- "log_separate_errors": true,
- "log_detailed": true,
- "socket_stats": true,
- "client_timeout": "string",
- "ssloffload": true,
- "ssloffloadcert": "string",
- "sslsnifilter": "string",
- "ssl_crtlist_advanced": "string",
- "dcertadv": "string",
- "ssloffloadacl": true,
- "ssloffloadacl_an": true,
- "ssloffloadacladditional": true,
- "ssloffloadacladditional_an": true,
- "sslclientcert_none": true,
- "sslclientcert_invalid": true,
- "sslocsp": true,
- "ha_certificates": [
- {
- "ssl_certificate": "string"
}
], - "clientcert_ca": [
- {
- "cert_ca": "string"
}
], - "clientcert_crl": [
- {
- "cert_crl": "string"
}
], - "ha_acls": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "a_errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced_bind": "string",
- "advanced": "string",
- "id": "string"
}{- "name": "string",
- "descr": "string",
- "status": "string",
- "type": "string",
- "secondary": true,
- "primary_frontend": "string",
- "backend_serverpool": "string",
- "maxconn": "string",
- "bind_addresses": [
- {
- "extaddr": "string",
- "extaddr_custom": "string",
- "extaddr_port": "string",
- "extaddr_ssl": true,
- "extaddr_advanced": "string"
}
], - "forwardfor": true,
- "httpclose": "string",
- "dontlognull": true,
- "dontlog_normal": true,
- "log_separate_errors": true,
- "log_detailed": true,
- "socket_stats": true,
- "client_timeout": "string",
- "ssloffload": true,
- "ssloffloadcert": "string",
- "sslsnifilter": "string",
- "ssl_crtlist_advanced": "string",
- "dcertadv": "string",
- "ssloffloadacl": true,
- "ssloffloadacl_an": true,
- "ssloffloadacladditional": true,
- "ssloffloadacladditional_an": true,
- "sslclientcert_none": true,
- "sslclientcert_invalid": true,
- "sslocsp": true,
- "ha_certificates": [
- {
- "ssl_certificate": "string"
}
], - "clientcert_ca": [
- {
- "cert_ca": "string"
}
], - "clientcert_crl": [
- {
- "cert_crl": "string"
}
], - "ha_acls": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "a_errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced_bind": "string",
- "advanced": "string",
- "id": "string"
}{- "enable": true,
- "terminate_on_reload": true,
- "enablesync": true,
- "maxconn": "string",
- "nbthread": "string",
- "hard_stop_after": "string",
- "localstatsport": "string",
- "localstats_refreshtime": "string",
- "localstats_sticktable_refreshtime": "string",
- "remotesyslog": "string",
- "logfacility": "string",
- "loglevel": "string",
- "log_send_hostname": "string",
- "carpdev": "string",
- "sslcompatibilitymode": "string",
- "ssldefaultdhparam": "string",
- "email_level": "string",
- "email_myhostname": "string",
- "email_from": "string",
- "email_to": "string",
- "resolver_retries": "string",
- "resolver_timeoutretry": "string",
- "resolver_holdvalid": "string",
- "advanced": "string",
- "version": "string"
}| enable | boolean (General Settings) Enable HAProxy Master switch to enable/disable the HAProxy service. |
| terminate_on_reload | boolean (General Settings) Terminate on Reload Force termination of old process on reload instead of graceful stop. |
| enablesync | boolean (General Settings) CARP XMLRpc Sync Enable XMLRPC configuration synchronization for CARP failover. |
| maxconn | string (General Settings) Maximum Connections Maximum per-process number of concurrent connections. (Default: uses HAProxy compiled default) |
| nbthread | string (General Settings) Number of Threads Number of threads to use. Each thread handles connections independently. (Default: 1) |
| hard_stop_after | string (General Settings) Hard Stop After Maximum time to wait for all connections to close during a soft stop, after which the process is killed. Format: time with suffix (e.g. 30s, 5m). |
| localstatsport | string (Stats Settings) Internal Stats Port Port for the internal statistics socket. Used for local stats page access. |
| localstats_refreshtime | string (Stats Settings) Internal Stats Refresh Time Refresh interval in seconds for the internal statistics page. |
| localstats_sticktable_refreshtime | string (Stats Settings) Stick Table Refresh Time Refresh interval in seconds for stick-table statistics. |
| remotesyslog | string (Logging) Remote Syslog Host IP address or hostname of a remote syslog server. HAProxy sends logs via UDP. |
| logfacility | string (Logging) Syslog Facility (local0, local1, local2, local3, local4, local5, local6, local7, kern, user, mail, daemon, auth) Syslog facility to use for HAProxy log messages. (Default: local0) |
| loglevel | string (Logging) Log Level (emerg, alert, crit, err, warning, notice, info, debug) Minimum log level for messages to be sent to syslog. (Default: info) |
| log_send_hostname | string (Logging) Log Hostname Hostname to use in syslog messages. If set, this value appears in the syslog header instead of the system hostname. |
| carpdev | string (Tuning) CARP Device IP IP address of the CARP device to monitor. HAProxy will only run when the CARP interface is in MASTER state. |
| sslcompatibilitymode | string (SSL) SSL Compatibility Mode (auto, modern, intermediate, old) Predefined SSL cipher suite and protocol settings.
|
| ssldefaultdhparam | string (SSL) SSL Default DH Parameter Size Size of the Diffie-Hellman parameters for DHE key exchanges. (Default: 2048) |
| email_level | string (Email) Email Alert Level (emerg, alert, crit, err, warning, notice, info, debug) Minimum severity level for email notifications. |
| email_myhostname | string (Email) Email Hostname Hostname used in SMTP HELO/EHLO when sending email alerts. |
| email_from | string (Email) Email From Address Sender email address for alert notifications. |
| email_to | string (Email) Email To Address Recipient email address for alert notifications. |
| resolver_retries | string (DNS) Resolver Retries Number of DNS resolution retry attempts before giving up. (Default: 3) |
| resolver_timeoutretry | string (DNS) Resolver Timeout Retry Timeout between DNS resolution retries. Format: time with suffix (e.g. 1s). (Default: 1s) |
| resolver_holdvalid | string (DNS) Resolver Hold Valid Duration to keep a valid DNS result in cache. Format: time with suffix (e.g. 10s). (Default: 10s) |
| advanced | string (Advanced) Custom Global Configuration Base64-encoded raw HAProxy configuration appended to the global section. Use with caution - invalid entries may prevent HAProxy from starting. |
| version | string (readonly) HAProxy version |
{- "enable": true,
- "terminate_on_reload": true,
- "enablesync": true,
- "maxconn": "string",
- "nbthread": "string",
- "hard_stop_after": "string",
- "localstatsport": "string",
- "localstats_refreshtime": "string",
- "localstats_sticktable_refreshtime": "string",
- "remotesyslog": "string",
- "logfacility": "string",
- "loglevel": "string",
- "log_send_hostname": "string",
- "carpdev": "string",
- "sslcompatibilitymode": "string",
- "ssldefaultdhparam": "string",
- "email_level": "string",
- "email_myhostname": "string",
- "email_from": "string",
- "email_to": "string",
- "resolver_retries": "string",
- "resolver_timeoutretry": "string",
- "resolver_holdvalid": "string",
- "advanced": "string",
- "version": "string"
}{- "enable": true,
- "terminate_on_reload": true,
- "enablesync": true,
- "maxconn": "string",
- "nbthread": "string",
- "hard_stop_after": "string",
- "localstatsport": "string",
- "localstats_refreshtime": "string",
- "localstats_sticktable_refreshtime": "string",
- "remotesyslog": "string",
- "logfacility": "string",
- "loglevel": "string",
- "log_send_hostname": "string",
- "carpdev": "string",
- "sslcompatibilitymode": "string",
- "ssldefaultdhparam": "string",
- "email_level": "string",
- "email_myhostname": "string",
- "email_from": "string",
- "email_to": "string",
- "resolver_retries": "string",
- "resolver_timeoutretry": "string",
- "resolver_holdvalid": "string",
- "advanced": "string",
- "version": "string"
}| name | string Mailer Name Unique name for this mailer entry. |
| mailserver | string Mail Server Hostname or IP address of the SMTP server. |
| mailserverport | string Mail Server Port TCP port of the SMTP server. (Default: 25) |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "mailserver": "string",
- "mailserverport": "string",
- "id": "string"
}{- "name": "string",
- "mailserver": "string",
- "mailserverport": "string",
- "id": "string"
}| id required | string |
| name | string Mailer Name Unique name for this mailer entry. |
| mailserver | string Mail Server Hostname or IP address of the SMTP server. |
| mailserverport | string Mail Server Port TCP port of the SMTP server. (Default: 25) |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "mailserver": "string",
- "mailserverport": "string",
- "id": "string"
}{- "name": "string",
- "mailserver": "string",
- "mailserverport": "string",
- "id": "string"
}{- "pools": [
- {
- "name": "string",
- "balance": "string",
- "balance_urilen": "string",
- "balance_uridepth": "string",
- "balance_uriwhole": true,
- "transparent_clientip": true,
- "transparent_interface": "string",
- "check_type": "string",
- "checkinter": "string",
- "log_health_checks": true,
- "httpcheck_method": "string",
- "monitor_uri": "string",
- "monitor_httpversion": "string",
- "monitor_username": "string",
- "monitor_domain": "string",
- "monitor_agentport": "string",
- "agent_check": true,
- "agent_port": "string",
- "agent_inter": "string",
- "connection_timeout": "string",
- "server_timeout": "string",
- "retries": "string",
- "persist_cookie_enabled": true,
- "persist_cookie_name": "string",
- "persist_cookie_mode": "string",
- "persist_cookie_cachable": true,
- "persist_cookie_postonly": true,
- "persist_cookie_httponly": true,
- "persist_cookie_secure": true,
- "haproxy_cookie_maxidle": "string",
- "haproxy_cookie_maxlife": "string",
- "haproxy_cookie_domains": "string",
- "haproxy_cookie_dynamic_cookie_key": "string",
- "persist_sticky_type": "string",
- "persist_stick_expire": "string",
- "persist_stick_tablesize": "string",
- "persist_stick_length": "string",
- "persist_stick_cookiename": "string",
- "stats_enabled": true,
- "stats_username": "string",
- "stats_password": "string",
- "stats_uri": "string",
- "stats_scope": "string",
- "stats_realm": "string",
- "stats_admin": "string",
- "stats_node": "string",
- "stats_desc": "string",
- "stats_refresh": "string",
- "strict_transport_security": "string",
- "cookie_attribute_secure": true,
- "email_level": "string",
- "email_to": "string",
- "ha_servers": [
- {
- "name": "string",
- "status": "string",
- "address": "string",
- "port": "string",
- "forwardto": "string",
- "ssl": true,
- "checkssl": true,
- "weight": "string",
- "cookie": "string",
- "maxconn": "string",
- "sslserververify": true,
- "verifyhost": "string",
- "ssl_server_ca": "string",
- "ssl_server_crl": "string",
- "ssl_server_clientcert": "string",
- "istemplate": "string",
- "advanced": "string"
}
], - "a_acl": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced": "string",
- "advanced_backend": "string",
- "id": "string"
}
], - "transparent_interface_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_ca_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_crl_options": [
- {
- "value": "string",
- "text": "string"
}
], - "ssl_server_clientcert_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| name | string Name Unique name for this backend pool. Referenced by frontends and actions. |
| balance | string Balance Algorithm (roundrobin, static-rr, leastconn, source, uri, url_param, hdr, random, rdp-cookie) Load balancing algorithm used to select a server for each connection.
|
| balance_urilen | string URI Balance Length Maximum URI length to consider for URI-based hashing. |
| balance_uridepth | string URI Balance Depth Maximum directory depth to consider for URI-based hashing. |
| balance_uriwhole | boolean Whole URI Hash the entire URI including query string instead of path only. |
| transparent_clientip | boolean Transparent Client IP Enable transparent proxy mode using the client's source IP. |
| transparent_interface | string Transparent Interface Interface to use for transparent proxy mode. |
| check_type | string Health Check Type (none, Basic, HTTP, LDAP, MySQL, PostgreSQL, Redis, SMTP, ESMTP, SSL, Agent) Type of health check to perform on backend servers.
|
| checkinter | string Check Interval Interval between health checks in milliseconds. (Default: 1000) |
| log_health_checks | boolean Log Health Checks Log health check status changes to syslog. |
| httpcheck_method | string HTTP Check Method (OPTIONS, HEAD, GET, POST, PUT, DELETE, TRACE) HTTP method to use for HTTP health checks. (Default: OPTIONS) |
| monitor_uri | string Monitor URI URI path to request for HTTP health checks. (Default: /) |
| monitor_httpversion | string Monitor HTTP Version HTTP version string to use in health check requests. (Default: HTTP/1.0) |
| monitor_username | string Monitor Username Username for MySQL/PostgreSQL health check authentication. |
| monitor_domain | string Monitor Domain Domain name for SMTP/ESMTP health check HELO command. |
| monitor_agentport | string Agent Check Port Port to use for agent health checks. |
| agent_check | boolean Enable Agent Check Enable an auxiliary agent-based health check in addition to the primary check. |
| agent_port | string Agent Port Port for the auxiliary agent check. |
| agent_inter | string Agent Check Interval Interval between agent checks in milliseconds. |
| connection_timeout | string Connection Timeout Maximum time to wait for a connection to a backend server, in milliseconds. |
| server_timeout | string Server Timeout Maximum time to wait for a response from a backend server, in milliseconds. |
| retries | string Retries Number of connection retry attempts after a failure. (Default: 3) |
| persist_cookie_enabled | boolean Cookie Persistence Enable cookie-based session persistence. |
| persist_cookie_name | string Cookie Name Name of the persistence cookie. |
| persist_cookie_mode | string Cookie Mode (passive, passive-silent, reset, set, set-silent, insert-only, insert-only-silent, session-prefix, passive-session-prefix) How the persistence cookie is managed.
|
| persist_cookie_cachable | boolean Cookie Cacheable Allow caching of responses with persistence cookies. |
| persist_cookie_postonly | boolean Cookie POST Only Only set the persistence cookie on POST responses. |
| persist_cookie_httponly | boolean Cookie HttpOnly Set the HttpOnly flag on the persistence cookie. |
| persist_cookie_secure | boolean Cookie Secure Set the Secure flag on the persistence cookie. |
| haproxy_cookie_maxidle | string Cookie Max Idle Maximum idle time for the persistence cookie. |
| haproxy_cookie_maxlife | string Cookie Max Life Maximum lifetime for the persistence cookie. |
| haproxy_cookie_domains | string Cookie Domains Domain(s) to set on the persistence cookie. |
| haproxy_cookie_dynamic_cookie_key | string Dynamic Cookie Key Secret key for dynamic cookie value generation. |
| persist_sticky_type | string Sticky Table Type (none, stick_sslsessionid, stick_sourceipv4, stick_sourceipv6, stick_cookie_value, stick_rdp_cookie) Type of stick-table persistence to use.
|
| persist_stick_expire | string Stick Table Expiration Time after which idle entries are removed from the stick table. |
| persist_stick_tablesize | string Stick Table Size Maximum number of entries in the stick table (e.g. 50k, 10m). |
| persist_stick_length | string Stick Pattern Length Maximum length of the stick pattern. |
| persist_stick_cookiename | string Stick Cookie Name Cookie name for cookie-value based stick-table persistence. |
| stats_enabled | boolean Enable Statistics Enable the HAProxy statistics page for this backend. |
| stats_username | string Stats Username Username for HTTP basic authentication on the statistics page. |
| stats_password | string Stats Password Password for HTTP basic authentication on the statistics page. |
| stats_uri | string Stats URI URI path for the statistics page. (Default: /) |
| stats_scope | string Stats Scope Restrict the stats page to specific backends (comma-separated names). |
| stats_realm | string Stats Realm HTTP authentication realm for the statistics page. |
| stats_admin | string Stats Admin ACL expression to enable admin mode on the statistics page. |
| stats_node | string Stats Node Node name displayed on the statistics page. |
| stats_desc | string Stats Description Description shown on the statistics page. |
| stats_refresh | string Stats Refresh Auto-refresh interval for the statistics page in seconds. |
| strict_transport_security | string HSTS Header Strict-Transport-Security header value (e.g. max-age=31536000). |
| cookie_attribute_secure | boolean Cookie Protection Set "secure" attribute on cookies (only used on "http" frontends). |
| email_level | string Email Alert Level (emerg, alert, crit, err, warning, notice, info, debug) Minimum severity level for email notifications for this backend. |
| email_to | string Email To Recipient email address for alerts from this backend. |
Array of objects (HaproxyServer) | |
Array of objects (HaproxyAcl) | |
Array of objects (HaproxyAction) | |
Array of objects (HaproxyErrorFile) | |
| advanced | string Advanced Frontend Pass Thru Base64-encoded raw configuration for the frontend-like section of this backend. |
| advanced_backend | string Advanced Backend Pass Thru Base64-encoded raw configuration appended to this backend section. |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "balance": "string",
- "balance_urilen": "string",
- "balance_uridepth": "string",
- "balance_uriwhole": true,
- "transparent_clientip": true,
- "transparent_interface": "string",
- "check_type": "string",
- "checkinter": "string",
- "log_health_checks": true,
- "httpcheck_method": "string",
- "monitor_uri": "string",
- "monitor_httpversion": "string",
- "monitor_username": "string",
- "monitor_domain": "string",
- "monitor_agentport": "string",
- "agent_check": true,
- "agent_port": "string",
- "agent_inter": "string",
- "connection_timeout": "string",
- "server_timeout": "string",
- "retries": "string",
- "persist_cookie_enabled": true,
- "persist_cookie_name": "string",
- "persist_cookie_mode": "string",
- "persist_cookie_cachable": true,
- "persist_cookie_postonly": true,
- "persist_cookie_httponly": true,
- "persist_cookie_secure": true,
- "haproxy_cookie_maxidle": "string",
- "haproxy_cookie_maxlife": "string",
- "haproxy_cookie_domains": "string",
- "haproxy_cookie_dynamic_cookie_key": "string",
- "persist_sticky_type": "string",
- "persist_stick_expire": "string",
- "persist_stick_tablesize": "string",
- "persist_stick_length": "string",
- "persist_stick_cookiename": "string",
- "stats_enabled": true,
- "stats_username": "string",
- "stats_password": "string",
- "stats_uri": "string",
- "stats_scope": "string",
- "stats_realm": "string",
- "stats_admin": "string",
- "stats_node": "string",
- "stats_desc": "string",
- "stats_refresh": "string",
- "strict_transport_security": "string",
- "cookie_attribute_secure": true,
- "email_level": "string",
- "email_to": "string",
- "ha_servers": [
- {
- "name": "string",
- "status": "string",
- "address": "string",
- "port": "string",
- "forwardto": "string",
- "ssl": true,
- "checkssl": true,
- "weight": "string",
- "cookie": "string",
- "maxconn": "string",
- "sslserververify": true,
- "verifyhost": "string",
- "ssl_server_ca": "string",
- "ssl_server_crl": "string",
- "ssl_server_clientcert": "string",
- "istemplate": "string",
- "advanced": "string"
}
], - "a_acl": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced": "string",
- "advanced_backend": "string",
- "id": "string"
}{- "name": "string",
- "balance": "string",
- "balance_urilen": "string",
- "balance_uridepth": "string",
- "balance_uriwhole": true,
- "transparent_clientip": true,
- "transparent_interface": "string",
- "check_type": "string",
- "checkinter": "string",
- "log_health_checks": true,
- "httpcheck_method": "string",
- "monitor_uri": "string",
- "monitor_httpversion": "string",
- "monitor_username": "string",
- "monitor_domain": "string",
- "monitor_agentport": "string",
- "agent_check": true,
- "agent_port": "string",
- "agent_inter": "string",
- "connection_timeout": "string",
- "server_timeout": "string",
- "retries": "string",
- "persist_cookie_enabled": true,
- "persist_cookie_name": "string",
- "persist_cookie_mode": "string",
- "persist_cookie_cachable": true,
- "persist_cookie_postonly": true,
- "persist_cookie_httponly": true,
- "persist_cookie_secure": true,
- "haproxy_cookie_maxidle": "string",
- "haproxy_cookie_maxlife": "string",
- "haproxy_cookie_domains": "string",
- "haproxy_cookie_dynamic_cookie_key": "string",
- "persist_sticky_type": "string",
- "persist_stick_expire": "string",
- "persist_stick_tablesize": "string",
- "persist_stick_length": "string",
- "persist_stick_cookiename": "string",
- "stats_enabled": true,
- "stats_username": "string",
- "stats_password": "string",
- "stats_uri": "string",
- "stats_scope": "string",
- "stats_realm": "string",
- "stats_admin": "string",
- "stats_node": "string",
- "stats_desc": "string",
- "stats_refresh": "string",
- "strict_transport_security": "string",
- "cookie_attribute_secure": true,
- "email_level": "string",
- "email_to": "string",
- "ha_servers": [
- {
- "name": "string",
- "status": "string",
- "address": "string",
- "port": "string",
- "forwardto": "string",
- "ssl": true,
- "checkssl": true,
- "weight": "string",
- "cookie": "string",
- "maxconn": "string",
- "sslserververify": true,
- "verifyhost": "string",
- "ssl_server_ca": "string",
- "ssl_server_crl": "string",
- "ssl_server_clientcert": "string",
- "istemplate": "string",
- "advanced": "string"
}
], - "a_acl": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced": "string",
- "advanced_backend": "string",
- "id": "string"
}| id required | string |
| name | string Name Unique name for this backend pool. Referenced by frontends and actions. |
| balance | string Balance Algorithm (roundrobin, static-rr, leastconn, source, uri, url_param, hdr, random, rdp-cookie) Load balancing algorithm used to select a server for each connection.
|
| balance_urilen | string URI Balance Length Maximum URI length to consider for URI-based hashing. |
| balance_uridepth | string URI Balance Depth Maximum directory depth to consider for URI-based hashing. |
| balance_uriwhole | boolean Whole URI Hash the entire URI including query string instead of path only. |
| transparent_clientip | boolean Transparent Client IP Enable transparent proxy mode using the client's source IP. |
| transparent_interface | string Transparent Interface Interface to use for transparent proxy mode. |
| check_type | string Health Check Type (none, Basic, HTTP, LDAP, MySQL, PostgreSQL, Redis, SMTP, ESMTP, SSL, Agent) Type of health check to perform on backend servers.
|
| checkinter | string Check Interval Interval between health checks in milliseconds. (Default: 1000) |
| log_health_checks | boolean Log Health Checks Log health check status changes to syslog. |
| httpcheck_method | string HTTP Check Method (OPTIONS, HEAD, GET, POST, PUT, DELETE, TRACE) HTTP method to use for HTTP health checks. (Default: OPTIONS) |
| monitor_uri | string Monitor URI URI path to request for HTTP health checks. (Default: /) |
| monitor_httpversion | string Monitor HTTP Version HTTP version string to use in health check requests. (Default: HTTP/1.0) |
| monitor_username | string Monitor Username Username for MySQL/PostgreSQL health check authentication. |
| monitor_domain | string Monitor Domain Domain name for SMTP/ESMTP health check HELO command. |
| monitor_agentport | string Agent Check Port Port to use for agent health checks. |
| agent_check | boolean Enable Agent Check Enable an auxiliary agent-based health check in addition to the primary check. |
| agent_port | string Agent Port Port for the auxiliary agent check. |
| agent_inter | string Agent Check Interval Interval between agent checks in milliseconds. |
| connection_timeout | string Connection Timeout Maximum time to wait for a connection to a backend server, in milliseconds. |
| server_timeout | string Server Timeout Maximum time to wait for a response from a backend server, in milliseconds. |
| retries | string Retries Number of connection retry attempts after a failure. (Default: 3) |
| persist_cookie_enabled | boolean Cookie Persistence Enable cookie-based session persistence. |
| persist_cookie_name | string Cookie Name Name of the persistence cookie. |
| persist_cookie_mode | string Cookie Mode (passive, passive-silent, reset, set, set-silent, insert-only, insert-only-silent, session-prefix, passive-session-prefix) How the persistence cookie is managed.
|
| persist_cookie_cachable | boolean Cookie Cacheable Allow caching of responses with persistence cookies. |
| persist_cookie_postonly | boolean Cookie POST Only Only set the persistence cookie on POST responses. |
| persist_cookie_httponly | boolean Cookie HttpOnly Set the HttpOnly flag on the persistence cookie. |
| persist_cookie_secure | boolean Cookie Secure Set the Secure flag on the persistence cookie. |
| haproxy_cookie_maxidle | string Cookie Max Idle Maximum idle time for the persistence cookie. |
| haproxy_cookie_maxlife | string Cookie Max Life Maximum lifetime for the persistence cookie. |
| haproxy_cookie_domains | string Cookie Domains Domain(s) to set on the persistence cookie. |
| haproxy_cookie_dynamic_cookie_key | string Dynamic Cookie Key Secret key for dynamic cookie value generation. |
| persist_sticky_type | string Sticky Table Type (none, stick_sslsessionid, stick_sourceipv4, stick_sourceipv6, stick_cookie_value, stick_rdp_cookie) Type of stick-table persistence to use.
|
| persist_stick_expire | string Stick Table Expiration Time after which idle entries are removed from the stick table. |
| persist_stick_tablesize | string Stick Table Size Maximum number of entries in the stick table (e.g. 50k, 10m). |
| persist_stick_length | string Stick Pattern Length Maximum length of the stick pattern. |
| persist_stick_cookiename | string Stick Cookie Name Cookie name for cookie-value based stick-table persistence. |
| stats_enabled | boolean Enable Statistics Enable the HAProxy statistics page for this backend. |
| stats_username | string Stats Username Username for HTTP basic authentication on the statistics page. |
| stats_password | string Stats Password Password for HTTP basic authentication on the statistics page. |
| stats_uri | string Stats URI URI path for the statistics page. (Default: /) |
| stats_scope | string Stats Scope Restrict the stats page to specific backends (comma-separated names). |
| stats_realm | string Stats Realm HTTP authentication realm for the statistics page. |
| stats_admin | string Stats Admin ACL expression to enable admin mode on the statistics page. |
| stats_node | string Stats Node Node name displayed on the statistics page. |
| stats_desc | string Stats Description Description shown on the statistics page. |
| stats_refresh | string Stats Refresh Auto-refresh interval for the statistics page in seconds. |
| strict_transport_security | string HSTS Header Strict-Transport-Security header value (e.g. max-age=31536000). |
| cookie_attribute_secure | boolean Cookie Protection Set "secure" attribute on cookies (only used on "http" frontends). |
| email_level | string Email Alert Level (emerg, alert, crit, err, warning, notice, info, debug) Minimum severity level for email notifications for this backend. |
| email_to | string Email To Recipient email address for alerts from this backend. |
Array of objects (HaproxyServer) | |
Array of objects (HaproxyAcl) | |
Array of objects (HaproxyAction) | |
Array of objects (HaproxyErrorFile) | |
| advanced | string Advanced Frontend Pass Thru Base64-encoded raw configuration for the frontend-like section of this backend. |
| advanced_backend | string Advanced Backend Pass Thru Base64-encoded raw configuration appended to this backend section. |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "balance": "string",
- "balance_urilen": "string",
- "balance_uridepth": "string",
- "balance_uriwhole": true,
- "transparent_clientip": true,
- "transparent_interface": "string",
- "check_type": "string",
- "checkinter": "string",
- "log_health_checks": true,
- "httpcheck_method": "string",
- "monitor_uri": "string",
- "monitor_httpversion": "string",
- "monitor_username": "string",
- "monitor_domain": "string",
- "monitor_agentport": "string",
- "agent_check": true,
- "agent_port": "string",
- "agent_inter": "string",
- "connection_timeout": "string",
- "server_timeout": "string",
- "retries": "string",
- "persist_cookie_enabled": true,
- "persist_cookie_name": "string",
- "persist_cookie_mode": "string",
- "persist_cookie_cachable": true,
- "persist_cookie_postonly": true,
- "persist_cookie_httponly": true,
- "persist_cookie_secure": true,
- "haproxy_cookie_maxidle": "string",
- "haproxy_cookie_maxlife": "string",
- "haproxy_cookie_domains": "string",
- "haproxy_cookie_dynamic_cookie_key": "string",
- "persist_sticky_type": "string",
- "persist_stick_expire": "string",
- "persist_stick_tablesize": "string",
- "persist_stick_length": "string",
- "persist_stick_cookiename": "string",
- "stats_enabled": true,
- "stats_username": "string",
- "stats_password": "string",
- "stats_uri": "string",
- "stats_scope": "string",
- "stats_realm": "string",
- "stats_admin": "string",
- "stats_node": "string",
- "stats_desc": "string",
- "stats_refresh": "string",
- "strict_transport_security": "string",
- "cookie_attribute_secure": true,
- "email_level": "string",
- "email_to": "string",
- "ha_servers": [
- {
- "name": "string",
- "status": "string",
- "address": "string",
- "port": "string",
- "forwardto": "string",
- "ssl": true,
- "checkssl": true,
- "weight": "string",
- "cookie": "string",
- "maxconn": "string",
- "sslserververify": true,
- "verifyhost": "string",
- "ssl_server_ca": "string",
- "ssl_server_crl": "string",
- "ssl_server_clientcert": "string",
- "istemplate": "string",
- "advanced": "string"
}
], - "a_acl": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced": "string",
- "advanced_backend": "string",
- "id": "string"
}{- "name": "string",
- "balance": "string",
- "balance_urilen": "string",
- "balance_uridepth": "string",
- "balance_uriwhole": true,
- "transparent_clientip": true,
- "transparent_interface": "string",
- "check_type": "string",
- "checkinter": "string",
- "log_health_checks": true,
- "httpcheck_method": "string",
- "monitor_uri": "string",
- "monitor_httpversion": "string",
- "monitor_username": "string",
- "monitor_domain": "string",
- "monitor_agentport": "string",
- "agent_check": true,
- "agent_port": "string",
- "agent_inter": "string",
- "connection_timeout": "string",
- "server_timeout": "string",
- "retries": "string",
- "persist_cookie_enabled": true,
- "persist_cookie_name": "string",
- "persist_cookie_mode": "string",
- "persist_cookie_cachable": true,
- "persist_cookie_postonly": true,
- "persist_cookie_httponly": true,
- "persist_cookie_secure": true,
- "haproxy_cookie_maxidle": "string",
- "haproxy_cookie_maxlife": "string",
- "haproxy_cookie_domains": "string",
- "haproxy_cookie_dynamic_cookie_key": "string",
- "persist_sticky_type": "string",
- "persist_stick_expire": "string",
- "persist_stick_tablesize": "string",
- "persist_stick_length": "string",
- "persist_stick_cookiename": "string",
- "stats_enabled": true,
- "stats_username": "string",
- "stats_password": "string",
- "stats_uri": "string",
- "stats_scope": "string",
- "stats_realm": "string",
- "stats_admin": "string",
- "stats_node": "string",
- "stats_desc": "string",
- "stats_refresh": "string",
- "strict_transport_security": "string",
- "cookie_attribute_secure": true,
- "email_level": "string",
- "email_to": "string",
- "ha_servers": [
- {
- "name": "string",
- "status": "string",
- "address": "string",
- "port": "string",
- "forwardto": "string",
- "ssl": true,
- "checkssl": true,
- "weight": "string",
- "cookie": "string",
- "maxconn": "string",
- "sslserververify": true,
- "verifyhost": "string",
- "ssl_server_ca": "string",
- "ssl_server_crl": "string",
- "ssl_server_clientcert": "string",
- "istemplate": "string",
- "advanced": "string"
}
], - "a_acl": [
- {
- "name": "string",
- "expression": "string",
- "value": "string",
- "casesensitive": true,
- "not_flag": true
}
], - "a_actionitems": [
- {
- "action": "string",
- "acl": "string",
- "use_backendbackend": "string",
- "use_backendserver": "string",
- "map_use_backendbackend": "string",
- "http_request_auth_realm": "string",
- "http_request_redirect": "string",
- "customaction": "string",
- "lua_function": "string",
- "header_name": "string",
- "header_value": "string",
- "header_replace": "string",
- "set_var_name": "string",
- "set_var_expr": "string",
- "http_response_code": "string",
- "http_response_reason": "string",
- "set_path": "string",
- "set_uri": "string",
- "track_sc0_table": "string",
- "track_sc0_key": "string",
- "cache_name": "string",
- "map_file": "string",
- "map_keyfmt": "string",
- "map_valuefmt": "string"
}
], - "errorfiles": [
- {
- "errorcode": "string",
- "errorfile": "string"
}
], - "advanced": "string",
- "advanced_backend": "string",
- "id": "string"
}| name | string Resolver Name Unique name for this DNS resolver entry. |
| server | string DNS Server IP address of the DNS server. |
| port | string DNS Port TCP/UDP port of the DNS server. (Default: 53) |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "server": "string",
- "port": "string",
- "id": "string"
}{- "name": "string",
- "server": "string",
- "port": "string",
- "id": "string"
}| id required | string |
| name | string Resolver Name Unique name for this DNS resolver entry. |
| server | string DNS Server IP address of the DNS server. |
| port | string DNS Port TCP/UDP port of the DNS server. (Default: 53) |
| id | string (readonly) ID assigned to this entry |
{- "name": "string",
- "server": "string",
- "port": "string",
- "id": "string"
}{- "name": "string",
- "server": "string",
- "port": "string",
- "id": "string"
}| action | string (start, stop, restart) action to perform on the haproxy service |
{- "action": "string"
}{- "result": "string"
}{- "frontends": [
- {
- "pxname": "string",
- "status": "string",
- "scur": 0,
- "slim": 0
}
], - "backends": [
- {
- "pxname": "string",
- "status": "string",
- "scur": 0,
- "slim": 0
}
], - "servers": [
- {
- "pxname": "string",
- "svname": "string",
- "status": "string",
- "scur": 0
}
]
}| hostnames | string Space-separated target IP addresses, hostnames, ranges, or networks to scan |
| scan_type | string Scan type (syn, connect, ack, window, udp, icmp, arp, ipscan, sctpinit, sctpecho, listscan) |
| iface | string Interface friendly name to use as the source interface |
| udp_scan | boolean Combine UDP scan (-sU) with a TCP scan method |
| no_ping | boolean Treat all hosts as online, skip host discovery (-Pn) |
| service_version | boolean Attempt to identify service versions (-sV) |
| os_detect | boolean Enable operating system detection (-O) |
| exclude_hosts | string Comma-separated IP addresses, hostnames, or ranges to exclude from scan |
| ports | string Port specification in nmap -p format (e.g. 22,80,443 or T:21-25,80,U:53) |
| top_ports | integer Only scan the N most common ports (1-65535) |
| no_dns | boolean Disable DNS resolution (-n) |
| traceroute | boolean Trace hop path to each host (--traceroute) |
{- "hostnames": "string",
- "scan_type": "string",
- "iface": "string",
- "udp_scan": true,
- "no_ping": true,
- "service_version": true,
- "os_detect": true,
- "exclude_hosts": "string",
- "ports": "string",
- "top_ports": 0,
- "no_dns": true,
- "traceroute": true
}{- "stdout": "string"
}{- "enable": true,
- "keepdata": true,
- "redis_password": "string",
- "redis_passwordagain": "string",
- "server_interface": "string",
- "server_ipv4": true,
- "server_ipv6": true,
- "interface_array": [
- "string"
], - "promiscuous": true,
- "dns_mode": "string",
- "local_nets": [
- {
- "cidr": "string",
- "cidr_name": "string"
}
], - "custom_config": "string",
- "maxmind_account": "string",
- "maxmind_key": "string",
- "delete_data": true,
- "reset_ntopng": true,
- "update_geodb": true,
- "server_interface_options": [
- {
- "value": "string",
- "text": "string"
}
], - "interface_array_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| enable | boolean Enable ntopng Check this to enable ntopng. |
| keepdata | boolean Keep Data/Settings Note: If disabled, all settings and data will be wiped on package uninstall/reinstall/upgrade! Keep ntopng settings, graphs and traffic data. |
| redis_password | string ntopng Admin Password Enter the password for the ntopng admin user. Minimum 5 characters. |
| redis_passwordagain | string Confirm ntopng Admin Password |
| server_interface | string (HTTP(S) Server Options) Server Interface Interface for the ntopng http(s) server to listen on. |
| server_ipv4 | boolean (HTTP(S) Server Options) Server IPv4 Enable listening on IPv4. Note that ntopng currently allows IPv4 or IPv6, but not both. |
| server_ipv6 | boolean (HTTP(S) Server Options) Server IPv6 Enable listening on IPv6. This setting is currently ignored if IPv4 is enabled. |
| interface_array | Array of strings |
| promiscuous | boolean (Monitoring Options) Promiscuous Mode Enable promiscuous mode on all monitored interfaces. |
| dns_mode | string (Monitoring Options) DNS Mode (0, 1, 2, 3) Configures how name resolution is handled. |
Array of objects (NtopngLocalnet) | |
| custom_config | string (Advanced configuration) Additional configuration for ntopng.conf Additional configuration lines to be added directly to the ntopng configuration file.
Each option must be on a separate line and in the form of |
| maxmind_account | string (Geolocation support) GeoLite2 Account ID |
| maxmind_key | string (Geolocation support) GeoLite2 License Key GeoLite2 provides location information about IP addresses. To utilize the free MaxMind GeoLite2 GeoIP functionality, you must register for a free MaxMind user account |
| delete_data | boolean Delete ntopng traffic data and alerts (useful if you are running out of disk space). |
| reset_ntopng | boolean Delete all ntopng data and perform a complete reset of ntopng configuration. |
| update_geodb | boolean Update the Geolocation database from the maxmind account |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "enable": true,
- "keepdata": true,
- "redis_password": "string",
- "redis_passwordagain": "string",
- "server_interface": "string",
- "server_ipv4": true,
- "server_ipv6": true,
- "interface_array": [
- "string"
], - "promiscuous": true,
- "dns_mode": "string",
- "local_nets": [
- {
- "cidr": "string",
- "cidr_name": "string"
}
], - "custom_config": "string",
- "maxmind_account": "string",
- "maxmind_key": "string",
- "delete_data": true,
- "reset_ntopng": true,
- "update_geodb": true,
- "server_interface_options": [
- {
- "value": "string",
- "text": "string"
}
], - "interface_array_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "keepdata": true,
- "redis_password": "string",
- "redis_passwordagain": "string",
- "server_interface": "string",
- "server_ipv4": true,
- "server_ipv6": true,
- "interface_array": [
- "string"
], - "promiscuous": true,
- "dns_mode": "string",
- "local_nets": [
- {
- "cidr": "string",
- "cidr_name": "string"
}
], - "custom_config": "string",
- "maxmind_account": "string",
- "maxmind_key": "string",
- "delete_data": true,
- "reset_ntopng": true,
- "update_geodb": true,
- "server_interface_options": [
- {
- "value": "string",
- "text": "string"
}
], - "interface_array_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "interfacemode": "string",
- "loglevel": "string",
- "carpstatusvip": "string",
- "default_route_distance": "string",
- "default_route_metric": "string",
- "igmp_query_interval": "string",
- "igmp_querier_timeout": "string",
- "hello_interval": "string",
- "spt_type": "string",
- "spt_value": "string",
- "spt_interval": "string",
- "carp_vip_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| enable | boolean (Service Control) Enable |
| interfacemode | string (Service Control) Default Bind (none, all) Default interface binding behavior. Per-interface behavior can be set on the Interfaces tab. |
| loglevel | string (Service Control) Log Level (none, error, warning, notice, info, debug) Default Logging Level |
| carpstatusvip | string (Service Control) CARP Status VIP Used to determine the CARP status. When the CARP vhid is in BACKUP status, pimd will not be started. |
| default_route_distance | string (General Settings) Default Route Distance Default value for unicast routing protocol administrative distance. It is used in PIM Assert elections to determine upstream routers. The router advertising the lowest assert preference will be selected as the forwarder and upstream router for the LAN. (1-255, Default: 101) |
| default_route_metric | string (General Settings) Default Route Metric The default cost for sending data through this router. Only PIM-SM data should to go to this daemon; so a high value is recommended to prevent accidental usage. (1-1024, Default: 1024) |
| igmp_query_interval | string (General Settings) IGMP Query Interval The interval, in seconds, between IGMP queries when elected as querier. (1-65535, Default: 12) |
| igmp_querier_timeout | string (General Settings) IGMP Querier Timeout The timeout, in seconds, after which PIMD will take over for a failed elected querier. (8-65535, Default: 42) |
| hello_interval | string (General Settings) Hello Interval The interval, in seconds, between PIM Hello messages sent by pimd. This value also affects the Hold Time, which is 3.5x this value. (30-18724, Default: 30) |
| spt_type | string (Tree Switch Threshold) Threshold Type (default, rate, packets, infinity) Type of check to perform when making SPT decisions. |
| spt_value | string (Tree Switch Threshold) Threshold Value When Threshold Type is set to Rate, this value is a rate in Kbit/s. When set to Packets, this value is a specific number of packets. When set to Default or Infinity, this value is ignored. |
| spt_interval | string (Tree Switch Threshold) SPT Interval The interval, in seconds, after which PIMD will switch from the shared tree to the shortest-path source tree. (Default: 100) |
Array of objects (TextValue) |
{- "enable": true,
- "interfacemode": "string",
- "loglevel": "string",
- "carpstatusvip": "string",
- "default_route_distance": "string",
- "default_route_metric": "string",
- "igmp_query_interval": "string",
- "igmp_querier_timeout": "string",
- "hello_interval": "string",
- "spt_type": "string",
- "spt_value": "string",
- "spt_interval": "string",
- "carp_vip_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "interfacemode": "string",
- "loglevel": "string",
- "carpstatusvip": "string",
- "default_route_distance": "string",
- "default_route_metric": "string",
- "igmp_query_interval": "string",
- "igmp_querier_timeout": "string",
- "hello_interval": "string",
- "spt_type": "string",
- "spt_value": "string",
- "spt_interval": "string",
- "carp_vip_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| address | string RP Address Static rendezvous point (RP) for a given group, or range or groups, to bypass elections. May be a unicast address or multicast group. All static RP entries are advertised with a priority of 1. |
| descr | string Description |
| mcgroup | string Multicast Group Optional group address and prefix for this static RP. Default group is 224.0.0.0/16. |
| id | string (readonly) ID assigned to this entry |
{- "address": "string",
- "descr": "string",
- "mcgroup": "string",
- "id": "string"
}{- "address": "string",
- "descr": "string",
- "mcgroup": "string",
- "id": "string"
}| id required | string |
| address | string RP Address Static rendezvous point (RP) for a given group, or range or groups, to bypass elections. May be a unicast address or multicast group. All static RP entries are advertised with a priority of 1. |
| descr | string Description |
| mcgroup | string Multicast Group Optional group address and prefix for this static RP. Default group is 224.0.0.0/16. |
| id | string (readonly) ID assigned to this entry |
{- "address": "string",
- "descr": "string",
- "mcgroup": "string",
- "id": "string"
}{- "address": "string",
- "descr": "string",
- "mcgroup": "string",
- "id": "string"
}| intf_ident | string Interface The interface or address on which to enable Bootstrap Router (BSR) candidate election participation. When set to "default", the feature is enabled without a specific interface, which will default to the highest available IP address. |
| descr | string Description |
| priority | string Priority Priority of this router when electing a BSR. Higher values are preferred by participating routers. (0-255, Default: 0) |
| id | string (readonly) ID assigned to this entry |
{- "intf_ident": "string",
- "descr": "string",
- "priority": "string",
- "id": "string"
}{- "intf_ident": "string",
- "descr": "string",
- "priority": "string",
- "id": "string"
}| id required | string |
| intf_ident | string Interface The interface or address on which to enable Bootstrap Router (BSR) candidate election participation. When set to "default", the feature is enabled without a specific interface, which will default to the highest available IP address. |
| descr | string Description |
| priority | string Priority Priority of this router when electing a BSR. Higher values are preferred by participating routers. (0-255, Default: 0) |
| id | string (readonly) ID assigned to this entry |
{- "intf_ident": "string",
- "descr": "string",
- "priority": "string",
- "id": "string"
}{- "intf_ident": "string",
- "descr": "string",
- "priority": "string",
- "id": "string"
}{- "interfaces": [
- {
- "intf_ident": "string",
- "descr": "string",
- "binding": "string",
- "igmpversion": "string",
- "dr_priority": "string",
- "ttl_threshold": "string",
- "distance": "string",
- "metric": "string",
- "altnet": "string",
- "scoped": "string",
- "id": "string"
}
], - "intf_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| intf_ident | string (Interface Options) Interface Select the interface or address to bind. Multiple entries may be added for the same interface to specify multiple values for items such as Alternative Networks and Multicast Scope. Note: A firewall rule with enabled advanced option 'Allow IP options' must exist to allow multicast traffic. |
| descr | string (Interface Options) Description |
| binding | string (Interface Options) Interface Binding (default, enable, disable) Binding behavior for this interface. Combines with Default Bind setting on the General tab to determine whether or not this interface will be used by PIMD. |
| igmpversion | string (Interface Options) IGMP Version (default, 3, 2) The IGMP version to use on this interface. |
| dr_priority | string (Interface Options) DR Priority Priority to use for Designated Router (DR) election. Highest advertised priority wins the election. Ties are given to the router with the highest IP address in the subnet. (1-4294967294, Default: 1) |
| ttl_threshold | string (Interface Options) TTL Threshold The TTL threshold for multicast frames to be forwarded from this interface. (1-255, Default: 1) |
| distance | string (Interface Options) Route Distance Default administrative distance for routes on this interface. Overrides the global Default Route Distance value. (1-255, Default: Default Route Distance on General tab) |
| metric | string (Interface Options) Route Metric Default metric for routes on this interface. Overrides the global Default Route Metric value. (1-1024, Default: Default Route Metric on General tab) |
| altnet | string (Interface Options) Alternative Network Alternative host or network to accept as a locally attached multicast source. |
| scoped | string (Interface Options) Multicast Scope Multicast streams belonging to this scoped group will not be forwarded. Allows interfaces to be configured as an administrative boundary for the specified group. |
| id | string (readonly) ID assigned to this entry |
{- "intf_ident": "string",
- "descr": "string",
- "binding": "string",
- "igmpversion": "string",
- "dr_priority": "string",
- "ttl_threshold": "string",
- "distance": "string",
- "metric": "string",
- "altnet": "string",
- "scoped": "string",
- "id": "string"
}{- "intf_ident": "string",
- "descr": "string",
- "binding": "string",
- "igmpversion": "string",
- "dr_priority": "string",
- "ttl_threshold": "string",
- "distance": "string",
- "metric": "string",
- "altnet": "string",
- "scoped": "string",
- "id": "string"
}| id required | string |
| intf_ident | string (Interface Options) Interface Select the interface or address to bind. Multiple entries may be added for the same interface to specify multiple values for items such as Alternative Networks and Multicast Scope. Note: A firewall rule with enabled advanced option 'Allow IP options' must exist to allow multicast traffic. |
| descr | string (Interface Options) Description |
| binding | string (Interface Options) Interface Binding (default, enable, disable) Binding behavior for this interface. Combines with Default Bind setting on the General tab to determine whether or not this interface will be used by PIMD. |
| igmpversion | string (Interface Options) IGMP Version (default, 3, 2) The IGMP version to use on this interface. |
| dr_priority | string (Interface Options) DR Priority Priority to use for Designated Router (DR) election. Highest advertised priority wins the election. Ties are given to the router with the highest IP address in the subnet. (1-4294967294, Default: 1) |
| ttl_threshold | string (Interface Options) TTL Threshold The TTL threshold for multicast frames to be forwarded from this interface. (1-255, Default: 1) |
| distance | string (Interface Options) Route Distance Default administrative distance for routes on this interface. Overrides the global Default Route Distance value. (1-255, Default: Default Route Distance on General tab) |
| metric | string (Interface Options) Route Metric Default metric for routes on this interface. Overrides the global Default Route Metric value. (1-1024, Default: Default Route Metric on General tab) |
| altnet | string (Interface Options) Alternative Network Alternative host or network to accept as a locally attached multicast source. |
| scoped | string (Interface Options) Multicast Scope Multicast streams belonging to this scoped group will not be forwarded. Allows interfaces to be configured as an administrative boundary for the specified group. |
| id | string (readonly) ID assigned to this entry |
{- "intf_ident": "string",
- "descr": "string",
- "binding": "string",
- "igmpversion": "string",
- "dr_priority": "string",
- "ttl_threshold": "string",
- "distance": "string",
- "metric": "string",
- "altnet": "string",
- "scoped": "string",
- "id": "string"
}{- "intf_ident": "string",
- "descr": "string",
- "binding": "string",
- "igmpversion": "string",
- "dr_priority": "string",
- "ttl_threshold": "string",
- "distance": "string",
- "metric": "string",
- "altnet": "string",
- "scoped": "string",
- "id": "string"
}| intf_ident | string Interface The interface or address on which to enable Rendezvous Point (RP) candidate election participation. When set to "default", the feature is enabled without a specific interface, which will default to the highest available IP address. |
| descr | string Description |
| priority | string Priority Priority of this router when electing an RP. Lower values are preferred by participating routers. (0-255, Default: 0) |
| time | string Time The number of seconds to wait between RP advertisements. Lower values allow for faster convergence. (10-16383, Default: 30) |
| group_prefixes | Array of strings |
| id | string (readonly) ID assigned to this entry |
{- "intf_ident": "string",
- "descr": "string",
- "priority": "string",
- "time": "string",
- "group_prefixes": [
- "string"
], - "id": "string"
}{- "intf_ident": "string",
- "descr": "string",
- "priority": "string",
- "time": "string",
- "group_prefixes": [
- "string"
], - "id": "string"
}| id required | string |
| intf_ident | string Interface The interface or address on which to enable Rendezvous Point (RP) candidate election participation. When set to "default", the feature is enabled without a specific interface, which will default to the highest available IP address. |
| descr | string Description |
| priority | string Priority Priority of this router when electing an RP. Lower values are preferred by participating routers. (0-255, Default: 0) |
| time | string Time The number of seconds to wait between RP advertisements. Lower values allow for faster convergence. (10-16383, Default: 30) |
| group_prefixes | Array of strings |
| id | string (readonly) ID assigned to this entry |
{- "intf_ident": "string",
- "descr": "string",
- "priority": "string",
- "time": "string",
- "group_prefixes": [
- "string"
], - "id": "string"
}{- "intf_ident": "string",
- "descr": "string",
- "priority": "string",
- "time": "string",
- "group_prefixes": [
- "string"
], - "id": "string"
}| cmd | string (Shellcmd Configuration) Command Enter the command to run. |
| cmdtype | string (Shellcmd Configuration) Shellcmd Type (shellcmd, earlyshellcmd, afterfilterchangeshellcmd, disabled) shellcmd: Will run the command specified towards the end of the boot process. earlyshellcmd: Will run the command specified at the beginning of the boot process. afterfilterchangeshellcmd: Will run after each filter_configure() call. Note: Only one entry of this type can be configured! disabledWill save the command in package configuration but it will NOT run on boot. See https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html (Executing commands at boot time) for detailed explanation. |
| description | string (Shellcmd Configuration) Description Enter a description for this command. (This is for your reference only.) |
| id | string (readonly) ID assigned to this entry |
{- "cmd": "string",
- "cmdtype": "string",
- "description": "string",
- "id": "string"
}{- "cmd": "string",
- "cmdtype": "string",
- "description": "string",
- "id": "string"
}| id required | string |
| cmd | string (Shellcmd Configuration) Command Enter the command to run. |
| cmdtype | string (Shellcmd Configuration) Shellcmd Type (shellcmd, earlyshellcmd, afterfilterchangeshellcmd, disabled) shellcmd: Will run the command specified towards the end of the boot process. earlyshellcmd: Will run the command specified at the beginning of the boot process. afterfilterchangeshellcmd: Will run after each filter_configure() call. Note: Only one entry of this type can be configured! disabledWill save the command in package configuration but it will NOT run on boot. See https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html (Executing commands at boot time) for detailed explanation. |
| description | string (Shellcmd Configuration) Description Enter a description for this command. (This is for your reference only.) |
| id | string (readonly) ID assigned to this entry |
{- "cmd": "string",
- "cmdtype": "string",
- "description": "string",
- "id": "string"
}{- "cmd": "string",
- "cmdtype": "string",
- "description": "string",
- "id": "string"
}{- "sipenable": true,
- "if_inbound": "string",
- "if_outbound": "string",
- "port": "string",
- "hosts_allow_reg": "string",
- "hosts_allow_sip": "string",
- "hosts_deny_sip": "string",
- "defaulttimeout": "string",
- "ua_string": "string",
- "use_rport": "string",
- "tcp_timeout": "string",
- "tcp_connect_timeout": "string",
- "tcp_keepalive": "string",
- "rtpenable": "string",
- "rtplower": "string",
- "rtpupper": "string",
- "rtptimeout": "string",
- "rtp_input_dejitter": "string",
- "rtp_output_dejitter": "string",
- "authentication": true,
- "outboundproxyhost": "string",
- "outboundproxyport": "string",
- "expeditedsipforwarding": true,
- "expeditedforwarding": true,
- "plugin_defaulttarget": true,
- "plugin_defaulttarget_target": "string",
- "plugin_defaulttarget_log": true,
- "plugin_fix_bogus_via": true,
- "plugin_fix_bogus_via_networks": "string",
- "plugin_stun": true,
- "plugin_stun_server": "string",
- "plugin_stun_port": "string",
- "plugin_stun_period": "string",
- "plugin_fix_dtag": true,
- "plugin_fix_dtag_networks": "string",
- "plugin_stripheader": true,
- "plugin_stripheader_remove1": "string",
- "plugin_stripheader_remove2": "string",
- "plugin_stripheader_remove3": "string",
- "plugin_codecfilter": true,
- "plugin_codecfilter_blacklist1": "string",
- "plugin_codecfilter_blacklist2": "string",
- "plugin_codecfilter_blacklist3": "string",
- "plugin_fix_fbox_anoncall": true,
- "plugin_fix_fbox_anoncall_networks": "string",
- "plugin_siptrunk": true,
- "plugin_siptrunk_account": "string",
- "plugin_siptrunk_numbers_regex": "string",
- "debug_level": "string",
- "debug_port": "string",
- "if_inbound_options": [
- {
- "value": "string",
- "text": "string"
}
], - "if_outbound_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| sipenable | boolean Enable siproxd |
| if_inbound | string Inbound Interface Select the inbound interface. |
| if_outbound | string Outbound Interface Select the outbound interface. |
| port | string (SIP Settings) Listening Port Enter the port on which to listen for SIP traffic (default 5060). WARNING: Do not change this unless you know what you're doing. |
| hosts_allow_reg | string (SIP Settings) Allow Registration from List of etworks from which we accept registrations. Empty means, allow from everywhere. Note that registrations are ONLY allowed from INBOUND! (Default: allow all) |
| hosts_allow_sip | string (SIP Settings) Allow SIP Traffic from List of networks from which we accept SIP traffic. Empty means, allow from everywhere. (Default: allow all) |
| hosts_deny_sip | string (SIP Settings) Deny SIP Traffic from List of networks from which we deny SIP traffic. Empty means, no blocked networks. Note: The DENY list takes precedence over the ALLOW lists. (Default: no deny list) |
| defaulttimeout | string (SIP Settings) Default Expiration Timeout If a REGISTER request does not contain an Expires header or expires= parameter, this number of seconds will be used and reported back to the UA in the answer. |
| ua_string | string (SIP Settings) User-Agent Masquerading Siproxd can masquerade the User Agent string of your local UAs. Useful for Providers that do not work with some specific UAs (e.g. sipcall.ch - it does not work if your outgoing SIP traffic contains an Asterisk UA string...). Default is to do no replacement. Masquerade all User-Agent identifiers from local UAs with the string provided here. Empty means no substitution. |
| use_rport | string (SIP Settings) Use ;rport in via header (0, 1, 2, 3) Add a ;rport targ to Via headers. May be required in some cases where you have a NAT router that remaps the source port 5060 to something different and the registrar sends back the responses to port 5060. Options:
|
| tcp_timeout | string (SIP over TCP Settings) TCP Inactivity Timeout Inactivity timeout (seconds). After that an idling TCP connection is disconnected. NOTE: Making this too short may cause multiple parallel registrations for the same phone. This timeout must be set larger than the used registration interval. Default: 600 sec |
| tcp_connect_timeout | string (SIP over TCP Settings) TCP Connect Timeout Defines how many msecs siproxd will wait for a successful connect when establishing an outgoing SIP signalling connection. This should be kept as short as possible as waiting for an TCP connection to establish is a BLOCKING operation - no other SIP messages are processed while waiting for a connect to succeed (RTP is not affected). Default: 500 msec |
| tcp_keepalive | string (SIP over TCP Settings) TCP Keepalive For TCP SIP signalling, if > 0 empty SIP packets will be sent every 'n' seconds to keep the connection alive. Default is off. |
| rtpenable | string (RTP Settings) Enable RTP Proxy (1, 0) 1: Enable or, 0: Disable the RTP proxy. Default is enabled. |
| rtplower | string (RTP Settings) RTP Port Range (Lower) Enter the bottom edge of the port range siproxd will allocate for incoming RTP traffic. This range must not be blocked by the firewall. (Default: 7070) |
| rtpupper | string (RTP Settings) RTP Port Range (Upper) Enter the top edge of the port range siproxd will allocate for incoming RTP traffic. This range must not be blocked by the firewall. (Default: 7079) |
| rtptimeout | string (RTP Settings) RTP Stream Timeout After this number of seconds, an RTP stream is considered dead and proxying it will be stopped. (Default: 300sec) |
| rtp_input_dejitter | string (Dejittering Settings) Input Dejitter Artificial delay to be used to de-jitter RTP data streams. This time is in microseconds. 0 - completely disable dejitter (default) |
| rtp_output_dejitter | string (Dejittering Settings) Output Dejitter Artificial delay to be used to de-jitter RTP data streams. This time is in microseconds. 0 - completely disable dejitter (default) |
| authentication | boolean (Proxy Settings) Proxy Authentication If checked, clients will be forced to authenticate themselves at the proxy (for registration only). Enable Proxy Authentication |
| outboundproxyhost | string (Proxy Settings) Outbound Proxy Hostname Enter the hostname of an outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross. |
| outboundproxyport | string (Proxy Settings) Outbound Proxy Port Enter the port of the outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross. |
| expeditedsipforwarding | boolean (DSCP Settings) Expedited SIP Forwarding This service is designed to allow ISPs to offer a service with attributes similar to a "leased line". This service offers the ULTIMATE IN LOW LOSS, LOW LATENCY AND LOW JITTER by ensuring that there is always sufficient room in output queues for the contracted expedited forwarding traffic. Enable DSCP tagging of SIP traffic |
| expeditedforwarding | boolean (DSCP Settings) Expedited RTP Forwarding This service is designed to allow ISPs to offer a service with attributes similar to a "leased line". This service offers the ULTIMATE IN LOW LOSS, LOW LATENCY AND LOW JITTER by ensuring that there is always sufficient room in output queues for the contracted expedited forwarding traffic. Enable DSCP tagging of RTP traffic |
| plugin_defaulttarget | boolean (Plugin Settings - Default Target) Enable Default Target Plugin Redirect unknown calls to a specified target. |
| plugin_defaulttarget_target | string (Plugin Settings - Default Target) Default Target Target must be a full SIP URI with the syntax sip:user@host[:port] |
| plugin_defaulttarget_log | boolean (Plugin Settings - Default Target) Log Redirected Calls Log redirected calls. |
| plugin_fix_bogus_via | boolean (Plugin Settings - Fix bogus VIA Headers) Enable Bogus Via Plugin If enabled, incoming (from public network) SIP messages are checked for broken SIP Via headers. If the IP address in the latest Via Header is part of the list below, it will be replaced by the IP address where the SIP message has been received from. Enable the Fix Bogus Via Plugin |
| plugin_fix_bogus_via_networks | string (Plugin Settings - Fix bogus VIA Headers) Bogus Via Networks Comma separated list of networks which should have their via headers rewritten. Example: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 |
| plugin_stun | boolean (Plugin Settings - STUN) STUN Plugin Uses an external STUN server to determine the public IP address of siproxd. Useful for "in-front-of-NAT-router" scenarios. Enable STUN Plugin |
| plugin_stun_server | string (Plugin Settings - STUN) STUN Hostname External STUN server hostname. |
| plugin_stun_port | string (Plugin Settings - STUN) STUN Port External STUN server port. |
| plugin_stun_period | string (Plugin Settings - STUN) STUN Period Period in seconds to request IP info from STUN server. |
| plugin_fix_dtag | boolean (Plugin Settings - Fix DTAG) Enable fix_DTAG Plugin Work around some issues with DTAG (Deutsche Telekom AG) as REGISTRAR. |
| plugin_fix_dtag_networks | string (Plugin Settings - Fix DTAG) List of remote Networks to apply DTAG workaround Comma separated list of networks where DTAG REGISTRARs are located. Example: 217.0.23.100/32 |
| plugin_stripheader | boolean (Plugin Settings - Strip Headers) Enable Strip Header Plugin Unconditionally strip the specified SIP header from the packet. |
| plugin_stripheader_remove1 | string (Plugin Settings - Strip Headers) Header to remove (1) Unconditionally strip the specified SIP header from the packet. May be used to workaround IP fragmentation by removing "unimportant" SIP headers - this is clearly a ugly hack but sometimes saves one from headache. Format is |
| plugin_stripheader_remove2 | string (Plugin Settings - Strip Headers) Header to remove (2) |
| plugin_stripheader_remove3 | string (Plugin Settings - Strip Headers) Header to remove (3) |
| plugin_codecfilter | boolean (Plugin Settings - Codec Filter) Enable Codec Filter Plugin Removes blacklisted codecs from any passing SDP payload in both (incoming and outgoing) directions. |
| plugin_codecfilter_blacklist1 | string (Plugin Settings - Codec Filter) Codec to remove (1) Removes blacklisted (plugin_codecfilter_blacklist) codecs from any passing SDP payload in both (incoming and outgoing) directions. This allows the proxy to force the exclusion of particular codecs in the negotiation between a local UA and a remote side. The match is done as case-insensitive substring match. The config string "726" would match the codecs "G726-32/800", "g726", etc. |
| plugin_codecfilter_blacklist2 | string (Plugin Settings - Codec Filter) Codec to remove (2) |
| plugin_codecfilter_blacklist3 | string (Plugin Settings - Codec Filter) Codec to remove (3) |
| plugin_fix_fbox_anoncall | boolean (Plugin Settings - Fix Anonymous Calls on Fritzboxes) fix_fbox_anoncall Plugin Fixes incoming anonymous phone calls with local Fritzbox UAs Enable fix_fbox_anoncall Plugin |
| plugin_fix_fbox_anoncall_networks | string (Plugin Settings - Fix Anonymous Calls on Fritzboxes) Local Networks to apply workaround Comma separated list of local networks which contain Fritzbox UAs that need fixing. Example: 192.168.0.0/16,10.0.0.0/8,172.16.0.0/20 |
| plugin_siptrunk | boolean (Plugin Settings - SIP Trunk) SIP Trunk Plugin to handle SIP Trunks where using one single SIP account to which a whole number block is routed. This means an incoming INVITE does carry the target number (in SIP URI or To: header field) but does not really carry any clear indications to which account it belongs to. Enable SIP Trunk Plugin |
| plugin_siptrunk_account | string (Plugin Settings - SIP Trunk) SIP account SIP account in the form of 'sip:user@host', identical as used for registration. |
| plugin_siptrunk_numbers_regex | string (Plugin Settings - SIP Trunk) REGEX number Regular expression that matches the whole number block associated with this account. Example: ^555123(10[0-9]|11[012])$ |
| debug_level | string (Debug Options) Debug Level options (flags):
|
| debug_port | string (Debug Options) TCP Debug Port You may connect to this port from a remote machine and receive debug output. This allows better creation of debug output on embedded systems that do not have enough memory for large disk files. NOTE: Port number 0 means this feature is disabled. |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "sipenable": true,
- "if_inbound": "string",
- "if_outbound": "string",
- "port": "string",
- "hosts_allow_reg": "string",
- "hosts_allow_sip": "string",
- "hosts_deny_sip": "string",
- "defaulttimeout": "string",
- "ua_string": "string",
- "use_rport": "string",
- "tcp_timeout": "string",
- "tcp_connect_timeout": "string",
- "tcp_keepalive": "string",
- "rtpenable": "string",
- "rtplower": "string",
- "rtpupper": "string",
- "rtptimeout": "string",
- "rtp_input_dejitter": "string",
- "rtp_output_dejitter": "string",
- "authentication": true,
- "outboundproxyhost": "string",
- "outboundproxyport": "string",
- "expeditedsipforwarding": true,
- "expeditedforwarding": true,
- "plugin_defaulttarget": true,
- "plugin_defaulttarget_target": "string",
- "plugin_defaulttarget_log": true,
- "plugin_fix_bogus_via": true,
- "plugin_fix_bogus_via_networks": "string",
- "plugin_stun": true,
- "plugin_stun_server": "string",
- "plugin_stun_port": "string",
- "plugin_stun_period": "string",
- "plugin_fix_dtag": true,
- "plugin_fix_dtag_networks": "string",
- "plugin_stripheader": true,
- "plugin_stripheader_remove1": "string",
- "plugin_stripheader_remove2": "string",
- "plugin_stripheader_remove3": "string",
- "plugin_codecfilter": true,
- "plugin_codecfilter_blacklist1": "string",
- "plugin_codecfilter_blacklist2": "string",
- "plugin_codecfilter_blacklist3": "string",
- "plugin_fix_fbox_anoncall": true,
- "plugin_fix_fbox_anoncall_networks": "string",
- "plugin_siptrunk": true,
- "plugin_siptrunk_account": "string",
- "plugin_siptrunk_numbers_regex": "string",
- "debug_level": "string",
- "debug_port": "string",
- "if_inbound_options": [
- {
- "value": "string",
- "text": "string"
}
], - "if_outbound_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "sipenable": true,
- "if_inbound": "string",
- "if_outbound": "string",
- "port": "string",
- "hosts_allow_reg": "string",
- "hosts_allow_sip": "string",
- "hosts_deny_sip": "string",
- "defaulttimeout": "string",
- "ua_string": "string",
- "use_rport": "string",
- "tcp_timeout": "string",
- "tcp_connect_timeout": "string",
- "tcp_keepalive": "string",
- "rtpenable": "string",
- "rtplower": "string",
- "rtpupper": "string",
- "rtptimeout": "string",
- "rtp_input_dejitter": "string",
- "rtp_output_dejitter": "string",
- "authentication": true,
- "outboundproxyhost": "string",
- "outboundproxyport": "string",
- "expeditedsipforwarding": true,
- "expeditedforwarding": true,
- "plugin_defaulttarget": true,
- "plugin_defaulttarget_target": "string",
- "plugin_defaulttarget_log": true,
- "plugin_fix_bogus_via": true,
- "plugin_fix_bogus_via_networks": "string",
- "plugin_stun": true,
- "plugin_stun_server": "string",
- "plugin_stun_port": "string",
- "plugin_stun_period": "string",
- "plugin_fix_dtag": true,
- "plugin_fix_dtag_networks": "string",
- "plugin_stripheader": true,
- "plugin_stripheader_remove1": "string",
- "plugin_stripheader_remove2": "string",
- "plugin_stripheader_remove3": "string",
- "plugin_codecfilter": true,
- "plugin_codecfilter_blacklist1": "string",
- "plugin_codecfilter_blacklist2": "string",
- "plugin_codecfilter_blacklist3": "string",
- "plugin_fix_fbox_anoncall": true,
- "plugin_fix_fbox_anoncall_networks": "string",
- "plugin_siptrunk": true,
- "plugin_siptrunk_account": "string",
- "plugin_siptrunk_numbers_regex": "string",
- "debug_level": "string",
- "debug_port": "string",
- "if_inbound_options": [
- {
- "value": "string",
- "text": "string"
}
], - "if_outbound_options": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "phones": [
- {
- "expires": 0,
- "real": {
- "type": "string",
- "user": "string",
- "host": "string",
- "port": "string"
}, - "nat": {
- "type": "string",
- "user": "string",
- "host": "string",
- "port": "string"
}, - "registered": {
- "type": "string",
- "user": "string",
- "host": "string",
- "port": "string"
}
}
]
}| action | string (start, stop, restart, reload) action to perform on the siproxd service |
{- "action": "string"
}{- "result": "string"
}| username | string Username Enter the username here. |
| password | string Password Enter the password here. |
| description | string Username Description Enter the description of the user here. |
| id | string (readonly) ID assigned to this entry |
{- "username": "string",
- "password": "string",
- "description": "string",
- "id": "string"
}{- "username": "string",
- "password": "string",
- "description": "string",
- "id": "string"
}| id required | string |
| username | string Username Enter the username here. |
| password | string Password Enter the password here. |
| description | string Username Description Enter the description of the user here. |
| id | string (readonly) ID assigned to this entry |
{- "username": "string",
- "password": "string",
- "description": "string",
- "id": "string"
}{- "username": "string",
- "password": "string",
- "description": "string",
- "id": "string"
}{- "config": {
- "encryption_password": "string",
- "enable": true,
- "hint": "string",
- "frequency": "string",
- "minute": "string",
- "hour": "string",
- "month": "string",
- "day": "string",
- "dow": "string",
- "numman": "string",
- "reverse": "string"
}, - "userkey": "string"
}When updating ACB, if ACBConfigInfo.userkey is provided, then the device's key will be updated and all future backups will use the new key. ACBConfigInfo.config is optional if ACBConfigInfo.userkey is provided.
object (ACBConfig) valid values: frequency = "cron", "every" reverse = "yes", "no" | |
| userkey | string hexidecimal encoded 32-byte random bytes |
{- "config": {
- "encryption_password": "string",
- "enable": true,
- "hint": "string",
- "frequency": "string",
- "minute": "string",
- "hour": "string",
- "month": "string",
- "day": "string",
- "dow": "string",
- "numman": "string",
- "reverse": "string"
}, - "userkey": "string"
}{- "result": "string"
}{- "account_keys": [
- {
- "name": "string",
- "desc": "string",
- "email": "string",
- "acme_server": "string",
- "key_type": "rsa2048",
- "account_key": "string",
- "registration": {
- "uri": "string",
- "status": "string",
- "contact": [
- "string"
], - "termsOfServiceAgreed": true,
- "orders": "string",
- "onlyReturnExisting": true,
- "externalAccountBinding": "string"
}
}
], - "certs": [
- {
- "name": "string",
- "desc": "string",
- "enabled": true,
- "acme_account": "string",
- "key_type": "rsa2048",
- "custom_key": "string",
- "preferred_chain": "string",
- "profile": "string",
- "dns_wait": 0,
- "domain_list": [
- {
- "name": "string",
- "enabled": true,
- "method": "string",
- "config": {
- "credentials": {
- "property1": "string",
- "property2": "string"
}, - "additional": {
- "property1": "string",
- "property2": "string"
}
}
}
], - "action_list": [
- {
- "command": "string",
- "enabled": true,
- "method": "string"
}
], - "issued_cert": {
- "domain": "string",
- "certURL": "string",
- "certStableURL": "string",
- "privateKey": "string",
- "certificate": "string",
- "issuerCertificate": "string",
- "csr": "string"
}, - "ari_disable": true,
- "renew_before": 0,
- "lastrenewal": "string"
}
], - "servers": [
- {
- "name": "string",
- "url": "string",
- "custom": true
}
], - "settings": {
- "renew_certs": true,
- "write_certs": true
}
}| renew_certs | boolean whether to auto renew acme certs |
| write_certs | boolean write acme cert in various format |
{- "renew_certs": true,
- "write_certs": true
}{- "result": "string"
}| name | string name of this account key |
| desc | string |
string e-mail address to register for account key | |
| acme_server | string the acme server which will be used to issue certificates using this account key |
| key_type | string Enum: "rsa2048" "rsa3072" "rsa4096" "rsa8192" "ec256" "ec384" "custom" type of the cert's private key valid value = rsa2048, rsa3072, rsa4096, rsa8192, ec256, ec384, custom |
| account_key | string <byte> if key_type is not "custom", system will overwrite this field with generated private key |
object (ACMERegistration) Read only info about the account created on a ACME server |
{- "name": "string",
- "desc": "string",
- "email": "string",
- "acme_server": "string",
- "key_type": "rsa2048",
- "account_key": "string",
- "registration": {
- "uri": "string",
- "status": "string",
- "contact": [
- "string"
], - "termsOfServiceAgreed": true,
- "orders": "string",
- "onlyReturnExisting": true,
- "externalAccountBinding": "string"
}
}{- "result": "string"
}| name required | string |
| name | string name of this account key |
| desc | string |
string e-mail address to register for account key | |
| acme_server | string the acme server which will be used to issue certificates using this account key |
| key_type | string Enum: "rsa2048" "rsa3072" "rsa4096" "rsa8192" "ec256" "ec384" "custom" type of the cert's private key valid value = rsa2048, rsa3072, rsa4096, rsa8192, ec256, ec384, custom |
| account_key | string <byte> if key_type is not "custom", system will overwrite this field with generated private key |
object (ACMERegistration) Read only info about the account created on a ACME server |
{- "name": "string",
- "desc": "string",
- "email": "string",
- "acme_server": "string",
- "key_type": "rsa2048",
- "account_key": "string",
- "registration": {
- "uri": "string",
- "status": "string",
- "contact": [
- "string"
], - "termsOfServiceAgreed": true,
- "orders": "string",
- "onlyReturnExisting": true,
- "externalAccountBinding": "string"
}
}{- "result": "string"
}| name | string this name will also be used to create or overwrite a certificate that might already exist in the pfSense Certificate Manager |
| desc | string description of this acme certificate |
| enabled | boolean whether this certificate enabled for acme operation |
| acme_account | string name of the corresponding acme account key |
| key_type | string Enum: "rsa2048" "rsa3072" "rsa4096" "rsa8192" "ec256" "ec384" "custom" type of the certificate's private key valid value = rsa2048, rsa3072, rsa4096, rsa8192, ec256, ec384, custom |
| custom_key | string <byte> if key_type is not "custom", custom_key will be ignored |
| preferred_chain | string chooses an alternate preferred chain |
| profile | string chooses a profile the acme server supported |
| dns_wait | integer disables all the dns propagation checks of the TXT record and uses a wait duration instead (in second) |
Array of objects (ACMEDomain) | |
Array of objects (ACMEAction) | |
object (ACMEIssuedCert) | |
| ari_disable | boolean disable the use of acme renewal information extension to check if the certificate needs to be renewed |
| renew_before | integer number of days before the certificate expires to renew the certificate if the use of acme renewal information extension is failed or disabled, this value will be used to determine whether the certificate should be renewed (default: 30) |
| lastrenewal | string read only timestamp of last issue/renew of certificate |
{- "name": "string",
- "desc": "string",
- "enabled": true,
- "acme_account": "string",
- "key_type": "rsa2048",
- "custom_key": "string",
- "preferred_chain": "string",
- "profile": "string",
- "dns_wait": 0,
- "domain_list": [
- {
- "name": "string",
- "enabled": true,
- "method": "string",
- "config": {
- "credentials": {
- "property1": "string",
- "property2": "string"
}, - "additional": {
- "property1": "string",
- "property2": "string"
}
}
}
], - "action_list": [
- {
- "command": "string",
- "enabled": true,
- "method": "string"
}
], - "issued_cert": {
- "domain": "string",
- "certURL": "string",
- "certStableURL": "string",
- "privateKey": "string",
- "certificate": "string",
- "issuerCertificate": "string",
- "csr": "string"
}, - "ari_disable": true,
- "renew_before": 0,
- "lastrenewal": "string"
}{- "result": "string"
}| name required | string |
| name | string this name will also be used to create or overwrite a certificate that might already exist in the pfSense Certificate Manager |
| desc | string description of this acme certificate |
| enabled | boolean whether this certificate enabled for acme operation |
| acme_account | string name of the corresponding acme account key |
| key_type | string Enum: "rsa2048" "rsa3072" "rsa4096" "rsa8192" "ec256" "ec384" "custom" type of the certificate's private key valid value = rsa2048, rsa3072, rsa4096, rsa8192, ec256, ec384, custom |
| custom_key | string <byte> if key_type is not "custom", custom_key will be ignored |
| preferred_chain | string chooses an alternate preferred chain |
| profile | string chooses a profile the acme server supported |
| dns_wait | integer disables all the dns propagation checks of the TXT record and uses a wait duration instead (in second) |
Array of objects (ACMEDomain) | |
Array of objects (ACMEAction) | |
object (ACMEIssuedCert) | |
| ari_disable | boolean disable the use of acme renewal information extension to check if the certificate needs to be renewed |
| renew_before | integer number of days before the certificate expires to renew the certificate if the use of acme renewal information extension is failed or disabled, this value will be used to determine whether the certificate should be renewed (default: 30) |
| lastrenewal | string read only timestamp of last issue/renew of certificate |
{- "name": "string",
- "desc": "string",
- "enabled": true,
- "acme_account": "string",
- "key_type": "rsa2048",
- "custom_key": "string",
- "preferred_chain": "string",
- "profile": "string",
- "dns_wait": 0,
- "domain_list": [
- {
- "name": "string",
- "enabled": true,
- "method": "string",
- "config": {
- "credentials": {
- "property1": "string",
- "property2": "string"
}, - "additional": {
- "property1": "string",
- "property2": "string"
}
}
}
], - "action_list": [
- {
- "command": "string",
- "enabled": true,
- "method": "string"
}
], - "issued_cert": {
- "domain": "string",
- "certURL": "string",
- "certStableURL": "string",
- "privateKey": "string",
- "certificate": "string",
- "issuerCertificate": "string",
- "csr": "string"
}, - "ari_disable": true,
- "renew_before": 0,
- "lastrenewal": "string"
}{- "result": "string"
}| key_type | string Enum: "rsa2048" "rsa3072" "rsa4096" "rsa8192" "ec256" "ec384" type of the cert's private key valid value = rsa2048, rsa3072, rsa4096, rsa8192, ec256, ec384 |
{- "key_type": "rsa2048"
}{- "key": "string"
}| name | string name used to reference the acme server |
| url | string url of the acme server |
| custom | boolean read only value indicate is this a custom server added by user |
{- "name": "string",
- "url": "string",
- "custom": true
}{- "result": "string"
}| name required | string |
| name | string name used to reference the acme server |
| url | string url of the acme server |
| custom | boolean read only value indicate is this a custom server added by user |
{- "name": "string",
- "url": "string",
- "custom": true
}{- "result": "string"
}{- "methods": {
- "property1": {
- "credentials": {
- "property1": "string",
- "property2": "string"
}, - "additional": {
- "property1": "string",
- "property2": "string"
}
}, - "property2": {
- "credentials": {
- "property1": "string",
- "property2": "string"
}, - "additional": {
- "property1": "string",
- "property2": "string"
}
}
}
}object (ServicesActionParams) valid values: action = "start", "stop", "restart" |
{- "params": {
- "service": "string",
- "action": "string",
- "vpnid": "string",
- "mode": "string",
- "zone": "string"
}
}{- "result": "string"
}{- "interfaces": {
- "property1": {
- "monitoring": true,
- "macs": {
- "property1": {
- "mac": "string",
- "ip4_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
], - "ip6_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
]
}, - "property2": {
- "mac": "string",
- "ip4_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
], - "ip6_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
]
}
}
}, - "property2": {
- "monitoring": true,
- "macs": {
- "property1": {
- "mac": "string",
- "ip4_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
], - "ip6_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
]
}, - "property2": {
- "mac": "string",
- "ip4_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
], - "ip6_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
]
}
}
}
}, - "intf_names": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "monitoring": true,
- "macs": {
- "property1": {
- "mac": "string",
- "ip4_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
], - "ip6_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
]
}, - "property2": {
- "mac": "string",
- "ip4_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
], - "ip6_addresses": [
- {
- "address": "string",
- "time_ms": 0
}
]
}
}
}| intf required | string |
| action | string start, stop, reset |
{- "action": "string"
}{- "result": "string"
}{- "config": [
- {
- "zone": "string",
- "interface": "string",
- "descr": "string",
- "users": 0
}
], - "interfaces": [
- {
- "name": "string",
- "if": "string",
- "assigned_name": "string",
- "device_name": "string",
- "identity": "string",
- "enable": true,
- "blockbogons": true,
- "pseudo": true,
- "blockpriv": true,
- "slaacusev4iface": true,
- "descr": "string",
- "type": "string",
- "type6": "string",
- "mtu": 0,
- "mss": 0,
- "pcp": 0,
- "promisc": true,
- "ipaddr": "string",
- "member": "string",
- "media": "string",
- "mac": "string",
- "mediaopt": "string",
- "spoofmac": "string",
- "tag": 0,
- "gateway": "string",
- "ipaddrv6": "string",
- "ipv6usev4iface": true,
- "gatewayv6": "string",
- "alias_address": "string",
- "dhcphostname": "string",
- "dhcprejectfrom": "string",
- "dhcprejectfromarray": [
- "string"
], - "dhcpvlanenable": true,
- "dhcp6usev4iface": true,
- "dhcp6prefixonly": true,
- "dhcp6_ia_pd_send_hint": true,
- "dhcp6debug": true,
- "dhcp6withoutra": true,
- "dhcp6norelease": true,
- "dhcpcvpt": "string",
- "dhcp6cvpt": "string",
- "prefix_6rd": "string",
- "gateway_6rd": "string",
- "dhcp6_ia_pd_len": "string",
- "prefix_6rd_v4plen": "string",
- "track6_interface": "string",
- "track6_prefix_id": "string",
- "adv_dhcp_config_advanced": true,
- "adv_dhcp_config_file_override": true,
- "adv_dhcp_pt_timeout": "string",
- "adv_dhcp_pt_retry": "string",
- "adv_dhcp_pt_select_timeout": "string",
- "adv_dhcp_pt_reboot": "string",
- "adv_dhcp_pt_backoff_cutoff": "string",
- "adv_dhcp_pt_initial_interval": "string",
- "adv_dhcp_pt_values": "string",
- "adv_dhcp_config_file_override_path": "string",
- "adv_dhcp_send_options": "string",
- "adv_dhcp_request_options": "string",
- "adv_dhcp_required_options": "string",
- "adv_dhcp_option_modifiers": "string",
- "adv_dhcp6_config_advanced": true,
- "adv_dhcp6_config_file_override": true,
- "adv_dhcp6_prefix_selected_interface": "string",
- "adv_dhcp6_config_file_override_path": "string",
- "adv_dhcp6_interface_statement_information_only_enable": true,
- "adv_dhcp6_interface_statement_send_options": "string",
- "adv_dhcp6_interface_statement_request_options": "string",
- "adv_dhcp6_interface_statement_script": "string",
- "adv_dhcp6_id_assoc_statement_address_enable": true,
- "adv_dhcp6_id_assoc_statement_address_id": "string",
- "adv_dhcp6_id_assoc_statement_address": "string",
- "adv_dhcp6_id_assoc_statement_address_pltime": "string",
- "adv_dhcp6_id_assoc_statement_address_vltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_enable": true,
- "adv_dhcp6_id_assoc_statement_prefix_id": "string",
- "adv_dhcp6_id_assoc_statement_prefix": "string",
- "adv_dhcp6_id_assoc_statement_prefix_pltime": "string",
- "adv_dhcp6_id_assoc_statement_prefix_vltime": "string",
- "adv_dhcp6_prefix_interface_statement_sla_id": "string",
- "adv_dhcp6_prefix_interface_statement_sla_len": "string",
- "adv_dhcp6_authentication_statement_authname": "string",
- "adv_dhcp6_authentication_statement_protocol": "string",
- "adv_dhcp6_authentication_statement_algorithm": "string",
- "adv_dhcp6_authentication_statement_rdm": "string",
- "adv_dhcp6_key_info_statement_keyname": "string",
- "adv_dhcp6_key_info_statement_realm": "string",
- "adv_dhcp6_key_info_statement_keyid": "string",
- "adv_dhcp6_key_info_statement_secret": "string",
- "adv_dhcp6_key_info_statement_expire": "string"
}
]
}| zone required | string |
| zoneid | string optional, 0-57535 |
| descr | string |
| localauth_priv | boolean |
| interface | string |
| maxproc | string |
| maxprocperip | string |
| timeout | string |
| idletimeout | string |
| trafficquota | string |
| freelogins_count | string |
| freelogins_resettimeout | string |
| freelogins_updatetimeouts | boolean |
| logoutwin_enable | boolean |
| enable | boolean |
| auth_method | string |
| auth_server | string |
| auth_server2 | string |
| radmac_secret | string |
| radmac_fallback | boolean |
| radiussession_timeout | boolean |
| radiustraffic_quota | boolean |
| radiusperuserbw | boolean |
| radacct_enable | boolean |
| radacct_server | string |
| reverseacct | boolean |
| includeidletime | boolean |
| reauthenticate | boolean |
| preservedb | boolean |
| reauthenticateacct | string |
| httpslogin | boolean |
| httpsname | string |
| preauthurl | string |
| blockedmacsurl | string |
| certref | string |
| nohttpsforwards | boolean |
| nomacfilter | boolean |
| redirurl | string |
| passthrumacadd | boolean |
| radmac_format | string |
| radiusnasid | string |
| customlogo | boolean |
| customlogo_image | string <byte> base64 encoded jpeg/gif/png/webp logo image |
| custombg | boolean |
| custombg_image | string <byte> base64 encoded jpeg/gif/png/webp background image |
| customhtml | boolean if enabled, the provided customhtml_* page(s) are used |
| customhtml_html | string custom portal HTML page |
| customhtml_err | string custom error page |
| customhtml_logout | string custom logout page |
| termsconditions | string |
| noconcurrentlogins | string |
| peruserbw | boolean |
| bwdefaultdn | string |
| bwdefaultup | string |
| enablebackwardsync | boolean |
| backwardsyncip | string |
| backwardsyncuser | string |
| backwardsyncpassword | string |
Array of objects (CaptivePassthruMac) | |
Array of objects (CaptiveAllowedIP) | |
Array of objects (CaptiveAllowedHost) | |
Array of objects (CaptiveElement) |
{- "zone": "string",
- "zoneid": "string",
- "descr": "string",
- "localauth_priv": true,
- "interface": "string",
- "maxproc": "string",
- "maxprocperip": "string",
- "timeout": "string",
- "idletimeout": "string",
- "trafficquota": "string",
- "freelogins_count": "string",
- "freelogins_resettimeout": "string",
- "freelogins_updatetimeouts": true,
- "logoutwin_enable": true,
- "enable": true,
- "auth_method": "string",
- "auth_server": "string",
- "auth_server2": "string",
- "radmac_secret": "string",
- "radmac_fallback": true,
- "radiussession_timeout": true,
- "radiustraffic_quota": true,
- "radiusperuserbw": true,
- "radacct_enable": true,
- "radacct_server": "string",
- "reverseacct": true,
- "includeidletime": true,
- "reauthenticate": true,
- "preservedb": true,
- "reauthenticateacct": "string",
- "httpslogin": true,
- "httpsname": "string",
- "preauthurl": "string",
- "blockedmacsurl": "string",
- "certref": "string",
- "nohttpsforwards": true,
- "nomacfilter": true,
- "redirurl": "string",
- "passthrumacadd": true,
- "radmac_format": "string",
- "radiusnasid": "string",
- "customlogo": true,
- "customlogo_image": "string",
- "custombg": true,
- "custombg_image": "string",
- "customhtml": true,
- "customhtml_html": "string",
- "customhtml_err": "string",
- "customhtml_logout": "string",
- "termsconditions": "string",
- "noconcurrentlogins": "string",
- "peruserbw": true,
- "bwdefaultdn": "string",
- "bwdefaultup": "string",
- "enablebackwardsync": true,
- "backwardsyncip": "string",
- "backwardsyncuser": "string",
- "backwardsyncpassword": "string",
- "passthrumac": [
- {
- "action": "string",
- "mac": "string",
- "bw_up": "string",
- "bw_down": "string",
- "descr": "string"
}
], - "allowedip": [
- {
- "ip": "string",
- "sn": "string",
- "descr": "string",
- "dir": "string",
- "bw_up": "string",
- "bw_down": "string"
}
], - "allowedhostname": [
- {
- "hostname": "string",
- "sn": "string",
- "descr": "string",
- "dir": "string",
- "bw_up": "string",
- "bw_down": "string"
}
], - "element": [
- {
- "name": "string",
- "size": "string",
- "nocontent": true
}
]
}{- "result": "string"
}| id required | string |
| all | boolean |
| session_id | string |
{- "all": true,
- "session_id": "string"
}{- "result": "string"
}{- "users": [
- {
- "ip_address": "string",
- "mac_address": "string",
- "mac_manufacturer": "string",
- "username": "string",
- "session_id": "string",
- "session_start_unix": 0,
- "session_duration_seconds": 0,
- "session_remaining_seconds": 0,
- "idle_time_seconds": 0,
- "bytes_sent": 0,
- "bytes_received": 0,
- "packets_sent": 0,
- "packets_received": 0,
- "last_activity": 0,
- "zone": "string"
}
]
}{- "config": {
- "zone": "string",
- "zoneid": "string",
- "descr": "string",
- "localauth_priv": true,
- "interface": "string",
- "maxproc": "string",
- "maxprocperip": "string",
- "timeout": "string",
- "idletimeout": "string",
- "trafficquota": "string",
- "freelogins_count": "string",
- "freelogins_resettimeout": "string",
- "freelogins_updatetimeouts": true,
- "logoutwin_enable": true,
- "enable": true,
- "auth_method": "string",
- "auth_server": "string",
- "auth_server2": "string",
- "radmac_secret": "string",
- "radmac_fallback": true,
- "radiussession_timeout": true,
- "radiustraffic_quota": true,
- "radiusperuserbw": true,
- "radacct_enable": true,
- "radacct_server": "string",
- "reverseacct": true,
- "includeidletime": true,
- "reauthenticate": true,
- "preservedb": true,
- "reauthenticateacct": "string",
- "httpslogin": true,
- "httpsname": "string",
- "preauthurl": "string",
- "blockedmacsurl": "string",
- "certref": "string",
- "nohttpsforwards": true,
- "nomacfilter": true,
- "redirurl": "string",
- "passthrumacadd": true,
- "radmac_format": "string",
- "radiusnasid": "string",
- "customlogo": true,
- "customlogo_image": "string",
- "custombg": true,
- "custombg_image": "string",
- "customhtml": true,
- "customhtml_html": "string",
- "customhtml_err": "string",
- "customhtml_logout": "string",
- "termsconditions": "string",
- "noconcurrentlogins": "string",
- "peruserbw": true,
- "bwdefaultdn": "string",
- "bwdefaultup": "string",
- "enablebackwardsync": true,
- "backwardsyncip": "string",
- "backwardsyncuser": "string",
- "backwardsyncpassword": "string",
- "passthrumac": [
- {
- "action": "string",
- "mac": "string",
- "bw_up": "string",
- "bw_down": "string",
- "descr": "string"
}
], - "allowedip": [
- {
- "ip": "string",
- "sn": "string",
- "descr": "string",
- "dir": "string",
- "bw_up": "string",
- "bw_down": "string"
}
], - "allowedhostname": [
- {
- "hostname": "string",
- "sn": "string",
- "descr": "string",
- "dir": "string",
- "bw_up": "string",
- "bw_down": "string"
}
], - "element": [
- {
- "name": "string",
- "size": "string",
- "nocontent": true
}
]
}, - "interfaces": [
- "string"
], - "certificates": [
- {
- "name": "string",
- "ident": "string"
}
], - "vouch": {
- "enable": true,
- "charset": "string",
- "rollbits": 0,
- "ticketbits": 0,
- "checksumbits": 0,
- "magic": 0,
- "exponent": 0,
- "publickey": "string",
- "privatekey": "string",
- "descrmsgnoaccess": "string",
- "descrmsgexpired": "string",
- "roll": [
- {
- "zone": "string",
- "number": 0,
- "minutes": 0,
- "descr": "string",
- "count": "string",
- "used": "string",
- "active": true,
- "lastsync": 0
}
]
}
}{- "enabled": true,
- "maintenancemode_enabled": true,
- "my_hostid": "string",
- "state_sync_hostids": [
- "string"
], - "vips": [
- {
- "interface": "string",
- "virtual_ip": "string",
- "virtual_aliases": [
- "string"
], - "mode": "string",
- "peer": "string",
- "description": "string",
- "status": "string"
}
]
}{- "enabled": true,
- "maintenancemode_enabled": true,
- "my_hostid": "string",
- "state_sync_hostids": [
- "string"
], - "vips": [
- {
- "interface": "string",
- "virtual_ip": "string",
- "virtual_aliases": [
- "string"
], - "mode": "string",
- "peer": "string",
- "description": "string",
- "status": "string"
}
]
}{- "enabled": true,
- "maintenancemode_enabled": true,
- "my_hostid": "string",
- "state_sync_hostids": [
- "string"
], - "vips": [
- {
- "interface": "string",
- "virtual_ip": "string",
- "virtual_aliases": [
- "string"
], - "mode": "string",
- "peer": "string",
- "description": "string",
- "status": "string"
}
]
}{- "enabled": true,
- "high_security": true,
- "listen_port": "string",
- "global_ruleset": {
- "allow_fallback": true,
- "prefix": "string",
- "defaults": [
- "string"
], - "block": [
- "string"
], - "forward": {
- "property1": {
- "address_ports": [
- "string"
]
}, - "property2": {
- "address_ports": [
- "string"
]
}
}, - "resolve": {
- "property1": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}, - "property2": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}
}
}, - "groups": {
- "property1": {
- "allow_fallback": true,
- "prefix": "string",
- "defaults": [
- "string"
], - "block": [
- "string"
], - "forward": {
- "property1": {
- "address_ports": [
- "string"
]
}, - "property2": {
- "address_ports": [
- "string"
]
}
}, - "resolve": {
- "property1": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}, - "property2": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}
}
}, - "property2": {
- "allow_fallback": true,
- "prefix": "string",
- "defaults": [
- "string"
], - "block": [
- "string"
], - "forward": {
- "property1": {
- "address_ports": [
- "string"
]
}, - "property2": {
- "address_ports": [
- "string"
]
}
}, - "resolve": {
- "property1": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}, - "property2": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}
}
}
}
}{- "enabled": true,
- "high_security": true,
- "listen_port": "string",
- "global_ruleset": {
- "allow_fallback": true,
- "prefix": "string",
- "defaults": [
- "string"
], - "block": [
- "string"
], - "forward": {
- "property1": {
- "address_ports": [
- "string"
]
}, - "property2": {
- "address_ports": [
- "string"
]
}
}, - "resolve": {
- "property1": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}, - "property2": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}
}
}, - "groups": {
- "property1": {
- "allow_fallback": true,
- "prefix": "string",
- "defaults": [
- "string"
], - "block": [
- "string"
], - "forward": {
- "property1": {
- "address_ports": [
- "string"
]
}, - "property2": {
- "address_ports": [
- "string"
]
}
}, - "resolve": {
- "property1": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}, - "property2": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}
}
}, - "property2": {
- "allow_fallback": true,
- "prefix": "string",
- "defaults": [
- "string"
], - "block": [
- "string"
], - "forward": {
- "property1": {
- "address_ports": [
- "string"
]
}, - "property2": {
- "address_ports": [
- "string"
]
}
}, - "resolve": {
- "property1": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}, - "property2": {
- "addresses": [
- "string"
], - "domains": [
- "string"
]
}
}
}
}
}Fetch the list of available OUI prefixes as a gzip compressed CSV dataset, where:
If the OUI dataset is not available from the OS, then a short default list is returned
{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}{- "enable": true,
- "interfaces": [
- "string"
], - "carp_status_vip": "string",
- "append_circuit_agent_ids": true,
- "upstream_servers": [
- "string"
], - "carp_status_vip_entries": [
- {
- "value": "string",
- "text": "string"
}
], - "interfaces_entries": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "interfaces": [
- "string"
], - "carp_status_vip": "string",
- "append_circuit_agent_ids": true,
- "upstream_servers": [
- "string"
], - "carp_status_vip_entries": [
- {
- "value": "string",
- "text": "string"
}
], - "interfaces_entries": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "service": {
- "backend": "string",
- "radvd_debug": true,
- "dhcp6_debug": true,
- "address_release": true,
- "ignore_isc_warn": true,
- "ipv6_duid_type": "0",
- "ipv6_duid_raw": "string",
- "ipv6_duid_llt_time": "string",
- "ipv6_duid_llt_ll": "string",
- "ipv6_duid_en_en": "string",
- "ipv6_duid_en_id": "string",
- "ipv6_duid_ll": "string",
- "ipv6_duid_uuid": "string"
}, - "dhcpd": {
- "high_availability": {
- "enable": true,
- "role": "string",
- "local_name": "string",
- "local_address": "string",
- "remote_name": "string",
- "remote_address": "string",
- "advance_options": {
- "heartbeat_delay": 0,
- "max_response_delay": 0,
- "max_ack_delay": 0,
- "max_unacked_clients": 0,
- "max_rejected_updates": 0
}, - "enable_tls": true,
- "tls_server_cert_refid": "string",
- "enable_mutual_tls": true,
- "mutual_client_cert_refid": "string",
- "available_tls_server_certs": [
- "string"
], - "available_mutual_client_certs": [
- "string"
]
}, - "dns_reg": true,
- "early_dns_reg": true,
- "loglevel": "string",
- "loglevel_leases": "string",
- "interfaces": {
- "property1": {
- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}, - "property2": {
- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}
}, - "custom_kea_config": "string"
}, - "dhcpdv6": {
- "high_availability": {
- "enable": true,
- "role": "string",
- "local_name": "string",
- "local_address": "string",
- "remote_name": "string",
- "remote_address": "string",
- "advance_options": {
- "heartbeat_delay": 0,
- "max_response_delay": 0,
- "max_ack_delay": 0,
- "max_unacked_clients": 0,
- "max_rejected_updates": 0
}, - "enable_tls": true,
- "tls_server_cert_refid": "string",
- "enable_mutual_tls": true,
- "mutual_client_cert_refid": "string",
- "available_tls_server_certs": [
- "string"
], - "available_mutual_client_certs": [
- "string"
]
}, - "dns_reg": true,
- "early_dns_reg": true,
- "loglevel": "string",
- "loglevel_leases": "string",
- "interfaces": {
- "property1": {
- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}, - "property2": {
- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}
}, - "custom_kea_config": "string"
}
}object (DhcpGlobalSettings) | |
object (DhcpServiceConfig) Per IP version DHCP service setting | |
object (DhcpServiceConfig) Per IP version DHCP service setting |
{- "service": {
- "backend": "string",
- "radvd_debug": true,
- "dhcp6_debug": true,
- "address_release": true,
- "ignore_isc_warn": true,
- "ipv6_duid_type": "0",
- "ipv6_duid_raw": "string",
- "ipv6_duid_llt_time": "string",
- "ipv6_duid_llt_ll": "string",
- "ipv6_duid_en_en": "string",
- "ipv6_duid_en_id": "string",
- "ipv6_duid_ll": "string",
- "ipv6_duid_uuid": "string"
}, - "dhcpd": {
- "high_availability": {
- "enable": true,
- "role": "string",
- "local_name": "string",
- "local_address": "string",
- "remote_name": "string",
- "remote_address": "string",
- "advance_options": {
- "heartbeat_delay": 0,
- "max_response_delay": 0,
- "max_ack_delay": 0,
- "max_unacked_clients": 0,
- "max_rejected_updates": 0
}, - "enable_tls": true,
- "tls_server_cert_refid": "string",
- "enable_mutual_tls": true,
- "mutual_client_cert_refid": "string",
- "available_tls_server_certs": [
- "string"
], - "available_mutual_client_certs": [
- "string"
]
}, - "dns_reg": true,
- "early_dns_reg": true,
- "loglevel": "string",
- "loglevel_leases": "string",
- "interfaces": {
- "property1": {
- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}, - "property2": {
- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}
}, - "custom_kea_config": "string"
}, - "dhcpdv6": {
- "high_availability": {
- "enable": true,
- "role": "string",
- "local_name": "string",
- "local_address": "string",
- "remote_name": "string",
- "remote_address": "string",
- "advance_options": {
- "heartbeat_delay": 0,
- "max_response_delay": 0,
- "max_ack_delay": 0,
- "max_unacked_clients": 0,
- "max_rejected_updates": 0
}, - "enable_tls": true,
- "tls_server_cert_refid": "string",
- "enable_mutual_tls": true,
- "mutual_client_cert_refid": "string",
- "available_tls_server_certs": [
- "string"
], - "available_mutual_client_certs": [
- "string"
]
}, - "dns_reg": true,
- "early_dns_reg": true,
- "loglevel": "string",
- "loglevel_leases": "string",
- "interfaces": {
- "property1": {
- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}, - "property2": {
- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}
}, - "custom_kea_config": "string"
}
}{- "result": "string"
}| iface required | string |
| version required | string |
{- "entries": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
]
}| iface required | string |
| version required | string |
| id | string readonly (index) |
| deny_unknown_clients | string disabled | enabled | class |
| description | string |
| address_pool_range_from | string |
| address_pool_range_to | string |
| wins_servers | Array of strings |
| dns_servers | Array of strings |
| gateway | string |
| domain_name | string |
| domain_search_list | Array of strings |
| mac_allow | Array of strings |
| mac_deny | Array of strings |
| ntp_servers | Array of strings |
| tftp_server | string |
| ldap_server_uri | string |
object (DhcpNetworkBooting) | |
| subnet | string |
| subnet_range_from | string |
| subnet_range_to | string |
{- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}{- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}| iface required | string |
| id required | string |
| version required | string |
| id | string readonly (index) |
| deny_unknown_clients | string disabled | enabled | class |
| description | string |
| address_pool_range_from | string |
| address_pool_range_to | string |
| wins_servers | Array of strings |
| dns_servers | Array of strings |
| gateway | string |
| domain_name | string |
| domain_search_list | Array of strings |
| mac_allow | Array of strings |
| mac_deny | Array of strings |
| ntp_servers | Array of strings |
| tftp_server | string |
| ldap_server_uri | string |
object (DhcpNetworkBooting) | |
| subnet | string |
| subnet_range_from | string |
| subnet_range_to | string |
{- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}{- "result": "string"
}| iface required | string |
| version required | string |
{- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}| iface required | string |
| version required | string |
| if_ident | string |
| if_assigned_name | string |
| enabled | boolean |
| deny_unknown_clients | string |
| ignore_client_identifiers | boolean |
| dns_reg | string |
| early_dns_reg | string |
| address_pool_range_from | string |
| address_pool_range_to | string |
| wins_servers | Array of strings |
| dns_servers | Array of strings |
Array of objects (DhcpAddressPool) | |
| gateway | string |
| domain_name | string |
| domain_search_list | Array of strings |
| default_lease_time | integer set as 0 to use default value (7200 seconds) |
| maximum_lease_time | integer set as 0 to use default value (86400 seconds) |
| staticarp | boolean |
| failover_peerip | string |
| mac_allow | Array of strings |
| mac_deny | Array of strings |
| ntp_servers | Array of strings |
| tftp_server | string |
| ldap_server_uri | string |
object (DhcpNetworkBooting) | |
Array of objects (DhcpStaticMapping) | |
Array of objects (Dhcpv6StaticMapping) | |
| pdprefix | string IPv6 PD prefix (ipv6/mask CIDR) |
| pddellen | integer IPv6 PD delegated length |
| custom_kea_config | string JSON custom Kea config for interface |
| subnet | string |
| subnet_range_from | string |
| subnet_range_to | string |
| backend | string |
{- "if_ident": "string",
- "if_assigned_name": "string",
- "enabled": true,
- "deny_unknown_clients": "string",
- "ignore_client_identifiers": true,
- "dns_reg": "string",
- "early_dns_reg": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "additional_pools": [
- {
- "id": "string",
- "deny_unknown_clients": "string",
- "description": "string",
- "address_pool_range_from": "string",
- "address_pool_range_to": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string"
}
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "default_lease_time": 0,
- "maximum_lease_time": 0,
- "staticarp": true,
- "failover_peerip": "string",
- "mac_allow": [
- "string"
], - "mac_deny": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "static_mappings": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "static_mappings_v6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
], - "pdprefix": "string",
- "pddellen": 0,
- "custom_kea_config": "string",
- "subnet": "string",
- "subnet_range_from": "string",
- "subnet_range_to": "string",
- "backend": "string"
}{- "result": "string"
}| iface required | string |
| version required | string |
{- "entries": [
- {
- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}
], - "entriesv6": [
- {
- "id": "string",
- "backend": "string",
- "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "custom_kea_config": "string"
}
]
}| iface required | string |
| version required | string |
| id | string |
| mac_address | string |
| client_identifier | string |
| ip_address | string |
| arp_table_static_entry | boolean |
| hostname | string |
| description | string |
| early_dns_reg | string |
| wins_servers | Array of strings |
| dns_servers | Array of strings |
| gateway | string |
| domain_name | string |
| domain_search_list | Array of strings |
| ntp_servers | Array of strings |
| tftp_server | string |
| ldap_server_uri | string |
object (DhcpNetworkBooting) | |
| duid | string |
| ipv6_address | string |
| delegated_prefix | string |
| filename | string |
| rootpath | string |
| custom_kea_config | string JSON custom Kea config for static mapping |
{- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}{- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}| iface required | string |
| id required | string |
| version required | string |
| id | string |
| mac_address | string |
| client_identifier | string |
| ip_address | string |
| arp_table_static_entry | boolean |
| hostname | string |
| description | string |
| early_dns_reg | string |
| wins_servers | Array of strings |
| dns_servers | Array of strings |
| gateway | string |
| domain_name | string |
| domain_search_list | Array of strings |
| ntp_servers | Array of strings |
| tftp_server | string |
| ldap_server_uri | string |
object (DhcpNetworkBooting) | |
| duid | string |
| ipv6_address | string |
| delegated_prefix | string |
| filename | string |
| rootpath | string |
| custom_kea_config | string JSON custom Kea config for static mapping |
{- "id": "string",
- "mac_address": "string",
- "client_identifier": "string",
- "ip_address": "string",
- "arp_table_static_entry": true,
- "hostname": "string",
- "description": "string",
- "early_dns_reg": "string",
- "wins_servers": [
- "string"
], - "dns_servers": [
- "string"
], - "gateway": "string",
- "domain_name": "string",
- "domain_search_list": [
- "string"
], - "ntp_servers": [
- "string"
], - "tftp_server": "string",
- "ldap_server_uri": "string",
- "network_booting": {
- "enable": true,
- "next_server": "string",
- "default_bios_name": "string",
- "uefi_32_filename": "string",
- "uefi_64_filename": "string",
- "arm_32_filename": "string",
- "arm_64_filename": "string",
- "uefi_http_boot_url": "string",
- "root_path": "string",
- "bootfile_url": "string"
}, - "duid": "string",
- "ipv6_address": "string",
- "delegated_prefix": "string",
- "filename": "string",
- "rootpath": "string",
- "custom_kea_config": "string"
}{- "result": "string"
}{- "v4leases": [
- {
- "type": "string",
- "host": "string",
- "lifetime": 0,
- "ip": "string",
- "mac": "string",
- "cltt": "string",
- "cid": "string",
- "state": "string",
- "start": "string",
- "end": "string",
- "iaid": "string",
- "duid": "string",
- "online_status": "string",
- "descr": "string",
- "assigned_intf": "string",
- "routed_to": "string",
- "dnsreg": true
}
], - "v6leases": [
- {
- "type": "string",
- "host": "string",
- "lifetime": 0,
- "ip": "string",
- "mac": "string",
- "cltt": "string",
- "cid": "string",
- "state": "string",
- "start": "string",
- "end": "string",
- "iaid": "string",
- "duid": "string",
- "online_status": "string",
- "descr": "string",
- "assigned_intf": "string",
- "routed_to": "string",
- "dnsreg": true
}
], - "prefixes": [
- {
- "type": "string",
- "host": "string",
- "lifetime": 0,
- "ip": "string",
- "mac": "string",
- "cltt": "string",
- "cid": "string",
- "state": "string",
- "start": "string",
- "end": "string",
- "iaid": "string",
- "duid": "string",
- "online_status": "string",
- "descr": "string",
- "assigned_intf": "string",
- "routed_to": "string",
- "dnsreg": true
}
], - "interfaces": [
- {
- "name": "string",
- "start": "string",
- "end": "string",
- "num": 0,
- "capacity": 0
}
], - "interfacesv6": [
- {
- "name": "string",
- "start": "string",
- "end": "string",
- "num": 0,
- "capacity": 0
}
], - "v4_ha_status": [
- {
- "server_name": "string",
- "where": "string",
- "role": "string",
- "last_heartbeat_sec": 0,
- "state": "string"
}
], - "v6_ha_status": [
- {
- "server_name": "string",
- "where": "string",
- "role": "string",
- "last_heartbeat_sec": 0,
- "state": "string"
}
]
}{- "config": {
- "enable": true,
- "regdhcp": true,
- "regdhcpstatic": true,
- "dhcpfirst": true,
- "strict_order": true,
- "domain_needed": true,
- "no_private_reverse": true,
- "no_system_dns": true,
- "port": "string",
- "interface": "string",
- "strictbind": true,
- "custom_options": "string",
- "hosts": [
- {
- "host": "string",
- "domain": "string",
- "ip": "string",
- "descr": "string",
- "aliases": [
- {
- "host": "string",
- "domain": "string",
- "description": "string"
}
]
}
], - "domainoverrides": [
- {
- "domain": "string",
- "ip": "string",
- "descr": "string",
- "source_ip": "string",
- "idx": 0
}
]
}, - "interfaces": {
- "property1": "string",
- "property2": "string"
}
}object (DNSForwarderConfig) |
{- "config": {
- "enable": true,
- "regdhcp": true,
- "regdhcpstatic": true,
- "dhcpfirst": true,
- "strict_order": true,
- "domain_needed": true,
- "no_private_reverse": true,
- "no_system_dns": true,
- "port": "string",
- "interface": "string",
- "strictbind": true,
- "custom_options": "string",
- "hosts": [
- {
- "host": "string",
- "domain": "string",
- "ip": "string",
- "descr": "string",
- "aliases": [
- {
- "host": "string",
- "domain": "string",
- "description": "string"
}
]
}
], - "domainoverrides": [
- {
- "domain": "string",
- "ip": "string",
- "descr": "string",
- "source_ip": "string",
- "idx": 0
}
]
}
}{- "result": "string"
}{- "config": {
- "enable": true,
- "dnssec": true,
- "active_interface": [
- "string"
], - "outgoing_interface": [
- "string"
], - "custom_options": "string",
- "hideidentity": true,
- "hideversion": true,
- "dnssecstripped": true,
- "drop_old_udp_pkts": 0,
- "keep_probing": true,
- "qname_minimisation": true,
- "qname_minimisation_strict": true,
- "prefetch": true,
- "prefetchkey": true,
- "dnsrecordcache": true,
- "aggressivensec": true,
- "msgcachesize": "string",
- "outgoing_num_tcp": "string",
- "incoming_num_tcp": "string",
- "edns_buffer_size": "string",
- "num_queries_per_thread": "string",
- "jostle_timeout": "string",
- "cache_max_ttl": "string",
- "cache_min_ttl": "string",
- "infra_host_ttl": "string",
- "infra_cache_numhosts": "string",
- "unwanted_reply_threshold": "string",
- "log_verbosity": "string",
- "disable_auto_added_access_control": true,
- "disable_auto_added_host_entries": true,
- "use_caps": true,
- "dns64": true,
- "dns64prefix": "string",
- "dns64netbits": "string",
- "allow_dns64_for_localhost": true,
- "port": 0,
- "sslport": 0,
- "sslcertref": "string",
- "system_domain_local_zone_type": "string",
- "regdhcp": true,
- "enablessl": true,
- "python": true,
- "python_order": "string",
- "python_script": "string",
- "forwarding": true,
- "forward_tls_upstream": true,
- "regdhcpstatic": true,
- "regovpnclients": true,
- "hosts": [
- {
- "host": "string",
- "domain": "string",
- "ip": "string",
- "descr": "string",
- "aliases": [
- {
- "host": "string",
- "domain": "string",
- "description": "string"
}
]
}
], - "domainoverrides": [
- {
- "domain": "string",
- "ip": "string",
- "descr": "string",
- "forward_tls_upstream": true,
- "tls_hostname": "string",
- "idx": 0
}
], - "acls": [
- {
- "aclid": "string",
- "aclname": "string",
- "aclaction": "string",
- "description": "string",
- "row": [
- {
- "acl_network": "string",
- "mask": "string",
- "description": "string"
}
]
}
], - "strictout": true
}, - "interfaces": {
- "property1": "string",
- "property2": "string"
}, - "certs": [
- {
- "name": "string",
- "ident": "string"
}
], - "scripts": [
- "string"
]
}object (DNSResolverConfig) |
{- "config": {
- "enable": true,
- "dnssec": true,
- "active_interface": [
- "string"
], - "outgoing_interface": [
- "string"
], - "custom_options": "string",
- "hideidentity": true,
- "hideversion": true,
- "dnssecstripped": true,
- "drop_old_udp_pkts": 0,
- "keep_probing": true,
- "qname_minimisation": true,
- "qname_minimisation_strict": true,
- "prefetch": true,
- "prefetchkey": true,
- "dnsrecordcache": true,
- "aggressivensec": true,
- "msgcachesize": "string",
- "outgoing_num_tcp": "string",
- "incoming_num_tcp": "string",
- "edns_buffer_size": "string",
- "num_queries_per_thread": "string",
- "jostle_timeout": "string",
- "cache_max_ttl": "string",
- "cache_min_ttl": "string",
- "infra_host_ttl": "string",
- "infra_cache_numhosts": "string",
- "unwanted_reply_threshold": "string",
- "log_verbosity": "string",
- "disable_auto_added_access_control": true,
- "disable_auto_added_host_entries": true,
- "use_caps": true,
- "dns64": true,
- "dns64prefix": "string",
- "dns64netbits": "string",
- "allow_dns64_for_localhost": true,
- "port": 0,
- "sslport": 0,
- "sslcertref": "string",
- "system_domain_local_zone_type": "string",
- "regdhcp": true,
- "enablessl": true,
- "python": true,
- "python_order": "string",
- "python_script": "string",
- "forwarding": true,
- "forward_tls_upstream": true,
- "regdhcpstatic": true,
- "regovpnclients": true,
- "hosts": [
- {
- "host": "string",
- "domain": "string",
- "ip": "string",
- "descr": "string",
- "aliases": [
- {
- "host": "string",
- "domain": "string",
- "description": "string"
}
]
}
], - "domainoverrides": [
- {
- "domain": "string",
- "ip": "string",
- "descr": "string",
- "forward_tls_upstream": true,
- "tls_hostname": "string",
- "idx": 0
}
], - "acls": [
- {
- "aclid": "string",
- "aclname": "string",
- "aclaction": "string",
- "description": "string",
- "row": [
- {
- "acl_network": "string",
- "mask": "string",
- "description": "string"
}
]
}
], - "strictout": true
}
}{- "result": "string"
}{- "speed": [
- {
- "server": "string",
- "zone": "string",
- "ttl": 0,
- "expired": true,
- "ping": 0,
- "var": 0,
- "rtt": 0,
- "rto": 0,
- "timeout_a": 0,
- "timeout_aaaa": 0,
- "timeout_other": 0
}
], - "stats": [
- {
- "server": "string",
- "zone": "string",
- "expired": true,
- "edns_lame_known": 0,
- "edns_version": 0,
- "probe_delay": 0,
- "lame_dnssec": 0,
- "lame_rec": 0,
- "lame_a": 0,
- "lame_other": 0
}
]
}{- "dyndnses": [
- {
- "enable": true,
- "type": "string",
- "username": "string",
- "password": "string",
- "host": "string",
- "domainname": "string",
- "mx": "string",
- "wildcard": true,
- "verboselog": true,
- "curl_ipresolve_v4": true,
- "curl_ssl_verifypeer": true,
- "curl_proxy": true,
- "maxcacheage": "string",
- "interface": "string",
- "zoneid": "string",
- "ttl": "string",
- "updateurl": "string",
- "resultmatch": "string",
- "requestif": "string",
- "proxied": true,
- "descr": "string",
- "id": "string",
- "check_ip_mode": "string",
- "status": "string",
- "ip": "string"
}
]
}| enable required | boolean |
| type required | string |
| username | string |
| password | string base64 encoded |
| host | string |
| domainname | string |
| mx | string |
| wildcard | boolean |
| verboselog | boolean |
| curl_ipresolve_v4 | boolean |
| curl_ssl_verifypeer | boolean |
| curl_proxy | boolean |
| maxcacheage | string |
| interface | string |
| zoneid | string |
| ttl | string |
| updateurl | string |
| resultmatch | string |
| requestif | string |
| proxied | boolean |
| descr | string |
| id | string |
| check_ip_mode | string auto (default), always, never |
| status | string failed or updated |
| ip | string cached IP/IPv6 |
{- "enable": true,
- "type": "string",
- "username": "string",
- "password": "string",
- "host": "string",
- "domainname": "string",
- "mx": "string",
- "wildcard": true,
- "verboselog": true,
- "curl_ipresolve_v4": true,
- "curl_ssl_verifypeer": true,
- "curl_proxy": true,
- "maxcacheage": "string",
- "interface": "string",
- "zoneid": "string",
- "ttl": "string",
- "updateurl": "string",
- "resultmatch": "string",
- "requestif": "string",
- "proxied": true,
- "descr": "string",
- "id": "string",
- "check_ip_mode": "string",
- "status": "string",
- "ip": "string"
}{- "result": "string"
}| enable required | boolean |
| name | string |
| url | string |
| username | string |
| password | string |
| verifysslpeer | boolean |
| curl_proxy | boolean |
| descr | string |
{- "enable": true,
- "name": "string",
- "url": "string",
- "username": "string",
- "password": "string",
- "verifysslpeer": true,
- "curl_proxy": true,
- "descr": "string"
}{- "result": "string"
}| id required | string |
| enable required | boolean |
| name | string |
| url | string |
| username | string |
| password | string |
| verifysslpeer | boolean |
| curl_proxy | boolean |
| descr | string |
{- "enable": true,
- "name": "string",
- "url": "string",
- "username": "string",
- "password": "string",
- "verifysslpeer": true,
- "curl_proxy": true,
- "descr": "string"
}{- "result": "string"
}{- "dnsupdate": [
- {
- "enable": true,
- "host": "string",
- "zone": "string",
- "ttl": "string",
- "keyname": "string",
- "keyalgorithm": "string",
- "keydata": "string",
- "server": "string",
- "usetcp": true,
- "usepublicip": true,
- "recordtype": "string",
- "interface": "string",
- "updatesource": "string",
- "updatesourcefamily": "string",
- "descr": "string",
- "status": "string",
- "ip": "string"
}
]
}| enable required | boolean |
| host | string |
| zone | string |
| ttl | string |
| keyname | string |
| keyalgorithm | string |
| keydata | string |
| server | string |
| usetcp | boolean |
| usepublicip | boolean |
| recordtype | string |
| interface | string |
| updatesource | string |
| updatesourcefamily | string |
| descr | string |
| status | string failed or updated |
| ip | string cached IP/IPv6 |
{- "enable": true,
- "host": "string",
- "zone": "string",
- "ttl": "string",
- "keyname": "string",
- "keyalgorithm": "string",
- "keydata": "string",
- "server": "string",
- "usetcp": true,
- "usepublicip": true,
- "recordtype": "string",
- "interface": "string",
- "updatesource": "string",
- "updatesourcefamily": "string",
- "descr": "string",
- "status": "string",
- "ip": "string"
}{- "result": "string"
}| id required | string |
| enable required | boolean |
| host | string |
| zone | string |
| ttl | string |
| keyname | string |
| keyalgorithm | string |
| keydata | string |
| server | string |
| usetcp | boolean |
| usepublicip | boolean |
| recordtype | string |
| interface | string |
| updatesource | string |
| updatesourcefamily | string |
| descr | string |
| status | string failed or updated |
| ip | string cached IP/IPv6 |
{- "enable": true,
- "host": "string",
- "zone": "string",
- "ttl": "string",
- "keyname": "string",
- "keyalgorithm": "string",
- "keydata": "string",
- "server": "string",
- "usetcp": true,
- "usepublicip": true,
- "recordtype": "string",
- "interface": "string",
- "updatesource": "string",
- "updatesourcefamily": "string",
- "descr": "string",
- "status": "string",
- "ip": "string"
}{- "result": "string"
}| ifname required | string |
| threshold | integer |
| descr | string |
| type | string |
| address required | Array of strings |
| id | string record ID, read-only |
{- "ifname": "string",
- "threshold": 0,
- "descr": "string",
- "type": "string",
- "address": [
- "string"
], - "id": "string"
}{- "result": "string"
}| id required | string |
| ifname required | string |
| threshold | integer |
| descr | string |
| type | string |
| address required | Array of strings |
| id | string record ID, read-only |
{- "ifname": "string",
- "threshold": 0,
- "descr": "string",
- "type": "string",
- "address": [
- "string"
], - "id": "string"
}{- "result": "string"
}{- "enable": true,
- "carp_vip_intf": "string",
- "include_interfaces": [
- "string"
], - "exclude_interfaces": [
- "string"
], - "disable_ipv4": true,
- "disable_ipv6": true,
- "reflection": true,
- "publish": {
- "enable": true,
- "addresses": true,
- "hostinfo": true,
- "workstation": true,
- "domain": true,
- "custom_hostname": "string",
- "custom_domain": "string",
- "aaaa_over_ipv4": true,
- "a_over_ipv6": true
}, - "avail_interfaces": [
- {
- "value": "string",
- "text": "string"
}
], - "carp_vips": [
- {
- "value": "string",
- "text": "string"
}
]
}| enable | boolean enable mDNS service |
| carp_vip_intf | string name of CARP VIP interface for detecting current HA status. Service will be stopped when the chosen VIP is in Backup. |
| include_interfaces | Array of strings |
| exclude_interfaces | Array of strings |
| disable_ipv4 | boolean disable IPv4 servicing |
| disable_ipv6 | boolean disable IPv6 servicing |
| reflection | boolean reflect packets across different subnets |
object (MDNSPublishing) | |
Array of objects (TextValue) | |
Array of objects (TextValue) |
{- "enable": true,
- "carp_vip_intf": "string",
- "include_interfaces": [
- "string"
], - "exclude_interfaces": [
- "string"
], - "disable_ipv4": true,
- "disable_ipv6": true,
- "reflection": true,
- "publish": {
- "enable": true,
- "addresses": true,
- "hostinfo": true,
- "workstation": true,
- "domain": true,
- "custom_hostname": "string",
- "custom_domain": "string",
- "aaaa_over_ipv4": true,
- "a_over_ipv6": true
}, - "avail_interfaces": [
- {
- "value": "string",
- "text": "string"
}
], - "carp_vips": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enable": true,
- "carp_vip_intf": "string",
- "include_interfaces": [
- "string"
], - "exclude_interfaces": [
- "string"
], - "disable_ipv4": true,
- "disable_ipv6": true,
- "reflection": true,
- "publish": {
- "enable": true,
- "addresses": true,
- "hostinfo": true,
- "workstation": true,
- "domain": true,
- "custom_hostname": "string",
- "custom_domain": "string",
- "aaaa_over_ipv4": true,
- "a_over_ipv6": true
}, - "avail_interfaces": [
- {
- "value": "string",
- "text": "string"
}
], - "carp_vips": [
- {
- "value": "string",
- "text": "string"
}
]
}{- "enabled": true,
- "instance": "string",
- "service": "string",
- "domain": "string",
- "hostname": "string",
- "port": 0,
- "ips": [
- "string"
], - "txt": [
- "string"
], - "records": [
- {
- "name": "string",
- "class": "string",
- "type": "string",
- "value": "string"
}
]
}{- "settings": {
- "enable": true,
- "interfaces": [
- "string"
], - "servers": [
- {
- "addr": "string",
- "type": "string",
- "prefer": true,
- "no_select": true
}
], - "ntpmaxpeers": "string",
- "orphan": "string",
- "ntpminpoll": "string",
- "ntpmaxpoll": "string",
- "statsgraph": true,
- "logpeer": true,
- "logsys": true,
- "log_stats": {
- "clock_statistics": true,
- "discipline_statistics": true,
- "peer_statistics": true
}, - "leapsec": "string",
- "dnsresolv": "string",
- "serverauth": true,
- "serverauthkey": "string",
- "serverauthkeyid": "string",
- "serverauthalgo": "string"
}, - "acls": {
- "default_restrictions": {
- "kod": true,
- "nomodify": true,
- "noquery": true,
- "noserve": true,
- "nopeer": true,
- "notrap": true
}, - "custom_restrictions": [
- {
- "network": "string",
- "mask": 0,
- "restrictions": {
- "kod": true,
- "nomodify": true,
- "noquery": true,
- "noserve": true,
- "nopeer": true,
- "notrap": true
}
}
]
}, - "serial_gps": {
- "type": "string",
- "port": "string",
- "speed": "string",
- "autobaudinit": true,
- "nmea": 0,
- "fudge1": 0.1,
- "fudge2": 0.1,
- "stratum": 0,
- "gpsminpoll": "string",
- "gpsmaxpoll": "string",
- "ntp_gps_flags": {
- "prefer_this_clock": true,
- "do_not_select_this_clock": true,
- "enable_pps_signal_processing": true,
- "enable_falling_edge_pps_signal_processing": true,
- "enable_kernel_pps_clock_disciple": true,
- "obscure_location_in_timestamp": true,
- "log_subsecond_received_timestamp": true,
- "display_extended_gps_status": true
}, - "refid": "string",
- "initcmd": "string",
- "autocorrect_initcmd": true,
- "processpgrmf": true,
- "default_initcmds": {
- "property1": "string",
- "property2": "string"
}
}, - "pps": {
- "port": "string",
- "fudge1": 0.1,
- "stratum": 0,
- "ppsminpoll": "string",
- "ppsmaxpoll": "string",
- "pps_flags": {
- "enable_falling_edge_pps_signal_processing": true,
- "enable_kernel_pps_clock_disciple": true,
- "record_a_timestamp_once_for_each_second": true
}, - "refid": "string"
}, - "avail_serial_ports": [
- "string"
]
}object (NtpSettings) | |
object (NtpAcls) | |
object (NtpSerialGps) | |
object (NtpPps) | |
| avail_serial_ports | Array of strings |
{- "settings": {
- "enable": true,
- "interfaces": [
- "string"
], - "servers": [
- {
- "addr": "string",
- "type": "string",
- "prefer": true,
- "no_select": true
}
], - "ntpmaxpeers": "string",
- "orphan": "string",
- "ntpminpoll": "string",
- "ntpmaxpoll": "string",
- "statsgraph": true,
- "logpeer": true,
- "logsys": true,
- "log_stats": {
- "clock_statistics": true,
- "discipline_statistics": true,
- "peer_statistics": true
}, - "leapsec": "string",
- "dnsresolv": "string",
- "serverauth": true,
- "serverauthkey": "string",
- "serverauthkeyid": "string",
- "serverauthalgo": "string"
}, - "acls": {
- "default_restrictions": {
- "kod": true,
- "nomodify": true,
- "noquery": true,
- "noserve": true,
- "nopeer": true,
- "notrap": true
}, - "custom_restrictions": [
- {
- "network": "string",
- "mask": 0,
- "restrictions": {
- "kod": true,
- "nomodify": true,
- "noquery": true,
- "noserve": true,
- "nopeer": true,
- "notrap": true
}
}
]
}, - "serial_gps": {
- "type": "string",
- "port": "string",
- "speed": "string",
- "autobaudinit": true,
- "nmea": 0,
- "fudge1": 0.1,
- "fudge2": 0.1,
- "stratum": 0,
- "gpsminpoll": "string",
- "gpsmaxpoll": "string",
- "ntp_gps_flags": {
- "prefer_this_clock": true,
- "do_not_select_this_clock": true,
- "enable_pps_signal_processing": true,
- "enable_falling_edge_pps_signal_processing": true,
- "enable_kernel_pps_clock_disciple": true,
- "obscure_location_in_timestamp": true,
- "log_subsecond_received_timestamp": true,
- "display_extended_gps_status": true
}, - "refid": "string",
- "initcmd": "string",
- "autocorrect_initcmd": true,
- "processpgrmf": true,
- "default_initcmds": {
- "property1": "string",
- "property2": "string"
}
}, - "pps": {
- "port": "string",
- "fudge1": 0.1,
- "stratum": 0,
- "ppsminpoll": "string",
- "ppsmaxpoll": "string",
- "pps_flags": {
- "enable_falling_edge_pps_signal_processing": true,
- "enable_kernel_pps_clock_disciple": true,
- "record_a_timestamp_once_for_each_second": true
}, - "refid": "string"
}, - "avail_serial_ports": [
- "string"
]
}{- "result": "string"
}{- "enabled": true,
- "query_enabled": true,
- "servers": [
- {
- "status": "string",
- "server": "string",
- "refid": "string",
- "stratum": "string",
- "type": "string",
- "when": "string",
- "poll": "string",
- "reach": "string",
- "delay": "string",
- "offset": "string",
- "jitter": "string",
- "assid": "string",
- "status_word": "string",
- "auth": "string"
}
]
}{- "pppoe": [
- {
- "remoteip": "string",
- "localip": "string",
- "mode": "string",
- "interface": "string",
- "n_pppoe_units": "string",
- "n_pppoe_maxlogin": "string",
- "pppoe_subnet": "string",
- "descr": "string",
- "radius": {
- "nasip": "string",
- "acct_update": "string",
- "server": {
- "ip": "string",
- "secret": "string",
- "port": "string",
- "acctport": "string",
- "enable": true
}, - "server2": {
- "ip": "string",
- "secret": "string",
- "port": "string",
- "acctport": "string",
- "enable": true
}, - "accounting": true,
- "radiusissueips": true
}, - "dns1": "string",
- "dns2": "string",
- "pppoeid": "string",
- "username": "string"
}
], - "interfaces": [
- "string"
]
}Array of objects (PPPoEServer) |
{- "pppoe": [
- {
- "remoteip": "string",
- "localip": "string",
- "mode": "string",
- "interface": "string",
- "n_pppoe_units": "string",
- "n_pppoe_maxlogin": "string",
- "pppoe_subnet": "string",
- "descr": "string",
- "radius": {
- "nasip": "string",
- "acct_update": "string",
- "server": {
- "ip": "string",
- "secret": "string",
- "port": "string",
- "acctport": "string",
- "enable": true
}, - "server2": {
- "ip": "string",
- "secret": "string",
- "port": "string",
- "acctport": "string",
- "enable": true
}, - "accounting": true,
- "radiusissueips": true
}, - "dns1": "string",
- "dns2": "string",
- "pppoeid": "string",
- "username": "string"
}
]
}{- "result": "string"
}{- "intf_radvs": [
- {
- "assigned_interface": "string",
- "mode": "disabled",
- "priority": "string",
- "lifetime_secs": 0,
- "pref_lifetime_secs": 0,
- "min_ra_interval": 0,
- "max_ra_interval": 0,
- "router_lifetime": 0,
- "nat64_enable": true,
- "nat64_prefix": "string",
- "nat64_prefix_life": 0,
- "ra_subnets": [
- "string"
], - "enable_dns": true,
- "mirror_dhcp6": true,
- "dns_servers": [
- "string"
], - "dns_searchlist": [
- "string"
]
}
]
}| intf required | string |
| assigned_interface required | string assigned name of network interface |
| mode required | string Enum: "disabled" "router" "unmanaged" "managed" "assist" "stateless_dhcp" disabled, router, unmanaged, managed, assist, stateless_dhcp |
| priority | string low, normal, high |
| lifetime_secs | integer length of time in seconds, default is 86400 |
| pref_lifetime_secs | integer length of time from SLAAC addresses remain preferred, default 14400 |
| min_ra_interval | integer minimum time allowed between sending unsolicited multicast RA in seconds, default 200 |
| max_ra_interval | integer maximum time allowed between sending unsolicited multicast RA in seconds, default 600 |
| router_lifetime | integer lifetime associated wi th default router in seconds, default 3x max RA |
| nat64_enable | boolean advertise a NAT64 prefix |
| nat64_prefix | string NAT 64 prefix to enable PREF64 support |
| nat64_prefix_life | integer length of time in seconds that the prefix is valid for NAT64, default is 3x RA |
| ra_subnets | Array of strings |
| enable_dns | boolean provide DNS configuration via RA service |
| mirror_dhcp6 | boolean copy DNS configuration from primary DHCPv6 options |
| dns_servers | Array of strings |
| dns_searchlist | Array of strings |
{- "assigned_interface": "string",
- "mode": "disabled",
- "priority": "string",
- "lifetime_secs": 0,
- "pref_lifetime_secs": 0,
- "min_ra_interval": 0,
- "max_ra_interval": 0,
- "router_lifetime": 0,
- "nat64_enable": true,
- "nat64_prefix": "string",
- "nat64_prefix_life": 0,
- "ra_subnets": [
- "string"
], - "enable_dns": true,
- "mirror_dhcp6": true,
- "dns_servers": [
- "string"
], - "dns_searchlist": [
- "string"
]
}{- "result": "string"
}{- "config": {
- "syslocation": "string",
- "syscontact": "string",
- "rocommunity": "string",
- "modules": {
- "mibii": true,
- "netgraph": true,
- "pf": true,
- "hostres": true,
- "ucd": true,
- "regex": true
}, - "enable": true,
- "pollport": "string",
- "trapenable": true,
- "trapserver": "string",
- "trapserverport": "string",
- "trapstring": "string",
- "bindip": "string",
- "ipprotocol": "string"
}, - "interfaces": [
- {
- "text": "string",
- "value": "string"
}
]
}{- "config": {
- "syslocation": "string",
- "syscontact": "string",
- "rocommunity": "string",
- "modules": {
- "mibii": true,
- "netgraph": true,
- "pf": true,
- "hostres": true,
- "ucd": true,
- "regex": true
}, - "enable": true,
- "pollport": "string",
- "trapenable": true,
- "trapserver": "string",
- "trapserverport": "string",
- "trapstring": "string",
- "bindip": "string",
- "ipprotocol": "string"
}
}{- "result": "string"
}{- "installed": true,
- "version": "string",
- "intf_configs": [
- {
- "id": "string",
- "log_id": 0,
- "enable": true,
- "status": "string",
- "descr": "string",
- "interfaces": [
- "string"
], - "inline_ips": true,
- "home_networks": [
- "string"
], - "external_networks": [
- "string"
], - "overrides": {
- "dns_servers": [
- "string"
], - "ftp_servers": [
- "string"
], - "http_servers": [
- "string"
], - "sip_servers": [
- "string"
], - "smtp_servers": [
- "string"
], - "imap_servers": [
- "string"
], - "sql_servers": [
- "string"
], - "ssh_servers": [
- "string"
], - "telnet_servers": [
- "string"
]
}, - "use_syslog": true,
- "use_alert_unified2": true,
- "block_on_alert": true,
- "kill_states": true,
- "block_addr_opt": "src",
- "detection_method": "ac_bnfa",
- "split_any_any": true,
- "search_optimize": true,
- "stream_inserts": true,
- "csum_disabled": true,
- "pass_list_name": "string",
- "suppress_list_name": "string",
- "custom_head_include": "string",
- "custom_tail_include": "string",
- "bindings": [
- {
- "when": {
- "ips_policy_id": 0,
- "vlans": [
- "string"
], - "nets": [
- "string"
], - "src_nets": [
- "string"
], - "dst_nets": [
- "string"
], - "proto": "string",
- "ports": [
- "string"
], - "src_ports": [
- "string"
], - "dst_ports": [
- "string"
], - "intfs": "string",
- "src_intfs": "string",
- "dst_intfs": "string",
- "groups": "string",
- "src_groups": "string",
- "dst_groups": "string",
- "addr_spaces": "string",
- "tenants": "string",
- "role": "string",
- "service": "string"
}, - "use": {
- "action": "string",
- "file": "string",
- "inspection_policy": "string",
- "ips_policy": "string",
- "service": "string",
- "type": "string",
- "name": "string"
}
}
], - "inspectors": {
- "enabled": [
- "string"
], - "appid": {
- "memcap": 0,
- "log_stats": true,
- "app_stats_period": 0,
- "app_stats_rollover_size": 0,
- "app_detector_dir": "string",
- "list_odp_detectors": true,
- "tp_appid_path": "string",
- "tp_appid_config": "string",
- "tp_appid_stats_enable": true,
- "tp_appid_config_dump": true,
- "log_all_sessions": true,
- "enable_rna_filter": true,
- "rna_conf_path": "string"
}, - "appid_listener": {
- "json_logging": true,
- "file": "string"
}, - "arp_spoof": {
- "hosts": [
- {
- "ip": "string",
- "mac": "string"
}
]
}, - "cip": {
- "embedded_cip_path": "string",
- "unconnected_timeout": 0,
- "max_cip_connections": 0,
- "max_unconnected_messages": 0
}, - "data_log": {
- "key": "string",
- "limit": 0
}, - "dce_smb": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0,
- "reassemble_threshold": 0,
- "smb_fingerprint_policy": "string",
- "policy": "string",
- "smb_max_chain": 0,
- "smb_max_compound": 0,
- "valid_smb_versions": [
- "string"
], - "smb_file_depth": 0,
- "smb_invalid_shares": "string",
- "smb_legacy_mode": true,
- "smb_max_credit": 0,
- "memcap": 0
}, - "dce_tcp": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0,
- "reassemble_threshold": 0,
- "policy": "string"
}, - "dce_udp": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0
}, - "dnp3": {
- "check_crc": true
}, - "dns": {
- "publish_response": true
}, - "domain_filter": {
- "file": "string",
- "hosts": "string"
}, - "dpx": {
- "port": 0,
- "max": 0
}, - "extractor": {
- "formatting": "string",
- "connector": "string",
- "time": "string",
- "default_filter": "string",
- "protocols": [
- {
- "service": "string",
- "tenant_id": 0,
- "on_events": "string",
- "fields": "string"
}
]
}, - "file_id": {
- "type_depth": 0,
- "signature_depth": 0,
- "block_timeout": 0,
- "lookup_timeout": 0,
- "block_timeout_lookup": true,
- "capture_memcap": 0,
- "capture_max_size": 0,
- "capture_min_size": 0,
- "capture_block_size": 0,
- "max_files_cached": 0,
- "max_files_per_flow": 0,
- "show_data_depth": 0,
- "rules_file": "string",
- "trace_type": true,
- "trace_signature": true,
- "trace_stream": true,
- "decompress_buffer_size": 0
}, - "file_log": {
- "log_pkt_time": true,
- "log_sys_time": true
}, - "ftp_client": {
- "bounce": true,
- "bounce_to": [
- {
- "address": "string",
- "port": 0,
- "last_port": 0
}
], - "ignore_telnet_erase_cmds": true,
- "max_resp_len": 0,
- "telnet_cmds": true
}, - "ftp_server": {
- "chk_str_fmt": "string",
- "data_chan_cmds": "string",
- "data_rest_cmds": "string",
- "data_xfer_cmds": "string",
- "directory_cmds": [
- {
- "dir_cmd": "string",
- "rsp_code": 0
}
], - "file_put_cmds": "string",
- "file_get_cmds": "string",
- "encr_cmds": "string",
- "login_cmds": "string",
- "check_encrypted": true,
- "cmd_validity": [
- {
- "command": "string",
- "format": "string",
- "length": 0
}
], - "def_max_param_len": 0,
- "encrypted_traffic": true,
- "ftp_cmds": "string",
- "ignore_data_chan": true,
- "ignore_telnet_erase_cmds": true,
- "print_cmds": true,
- "telnet_cmds": true
}, - "gtp_inspect": {
- "version": 0,
- "messages": [
- {
- "type": 0,
- "name": "string"
}
], - "infos": [
- {
- "type": 0,
- "name": "string",
- "length": 0
}
]
}, - "http2_inspect": {
- "concurrent_streams_limit": 0,
- "settings_max_frame_size": 0
}, - "http_inspect": {
- "request_depth": 0,
- "response_depth": 0,
- "unzip": true,
- "maximum_host_length": 0,
- "maximum_chunk_length": 0,
- "maximum_header_length": 0,
- "maximum_headers": 0,
- "maximum_pipelined_requests": 0,
- "normalize_utf": true,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "max_mime_attach": 0,
- "script_detection": true,
- "normalize_javascript": true,
- "max_javascript_whitespaces": 0,
- "bad_characters": [
- "string"
], - "ignore_unreserved": "string",
- "percent_u": true,
- "utf8": true,
- "utf8_bare_byte": true,
- "iis_unicode": true,
- "iis_unicode_map_file": "string",
- "iis_unicode_code_page": 0,
- "iis_double_decode": true,
- "oversize_dir_length": 0,
- "backslash_to_slash": true,
- "plus_to_space": true,
- "simplify_path": true,
- "xff_headers": "string",
- "request_body_app_detection": true,
- "allowed_methods": "string",
- "disallowed_methods": "string"
}, - "imap": {
- "b64_decode_depth": 0,
- "bitenc_decode_depth": 0,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "qp_decode_depth": 0,
- "uu_decode_depth": 0
}, - "netflow": {
- "dump_file": "string",
- "update_timeout": 0,
- "rules": [
- {
- "device_ip": "string",
- "exclude": true,
- "zones": "string",
- "networks": "string",
- "create_host": true,
- "create_service": true
}
], - "flow_memcap": 0,
- "template_memcap": 0,
- "netflow_service_id_path": "string"
}, - "normalizer": {
- "ip4": {
- "base": true,
- "df": true,
- "rf": true,
- "tos": true,
- "trim": true
}, - "tcp": {
- "base": true,
- "block": true,
- "urp": true,
- "ips": true,
- "ecn": "string",
- "pad": true,
- "trim_syn": true,
- "trim_rst": true,
- "trim_win": true,
- "trim_mss": true,
- "opts": true,
- "req_urg": true,
- "req_pay": true,
- "rsv": true,
- "req_urp": true,
- "allow_names": [
- "string"
], - "allow_codes": "string"
}, - "ip6": true,
- "icmp4": true,
- "icmp6": true
}, - "packet_capture": {
- "enable": true,
- "filter": "string",
- "group": 0,
- "tenants": "string",
- "check_inner_pkt": true,
- "capture_path": "string",
- "max_packet_count": 0
}, - "perf_monitor": {
- "base": true,
- "cpu": true,
- "flow": true,
- "flow_ip": true,
- "flow_ip_all": true,
- "packets": 0,
- "seconds": 0,
- "flow_ip_memcap": 0,
- "max_file_size": 0,
- "flow_ports": 0,
- "output": "string",
- "modules": [
- {
- "name": "string",
- "pegs": "string"
}
], - "format": "string",
- "summary": true
}, - "pop": {
- "b64_decode_depth": 0,
- "bitenc_decode_depth": 0,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "qp_decode_depth": 0,
- "uu_decode_depth": 0
}, - "port_scan": {
- "memcap": 0,
- "protos": [
- "string"
], - "scan_types": [
- "string"
], - "watch_ip": "string",
- "ignore_scanners": "string",
- "ignore_scanned": "string",
- "alert_all": true,
- "include_midstream": true,
- "tcp_ports": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_ports": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_proto": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "icmp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_window": 0,
- "udp_window": 0,
- "ip_window": 0,
- "icmp_window": 0
}, - "rna": {
- "rna_conf_path": "string",
- "enable_logger": true,
- "log_when_idle": true,
- "dump_file": "string",
- "tcp_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "ua_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "udp_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "smb_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
]
}, - "sip": {
- "ignore_call_channel": true,
- "max_call_id_len": 0,
- "max_contact_len": 0,
- "max_content_len": 0,
- "max_dialogs": 0,
- "max_from_len": 0,
- "max_request_name_len": 0,
- "max_to_len": 0,
- "max_uri_len": 0,
- "max_via_len": 0,
- "methods": "string",
- "sip_timeout": 0,
- "sip_media_timeout": 0,
- "sip_invite_timeout": 0,
- "sip_disconnect_timeout": 0
}, - "smtp": {
- "alt_max_command_line_len": [
- {
- "command": "string",
- "length": 0
}
], - "auth_cmds": "string",
- "b64_decode_depth": 0,
- "binary_data_cmds": "string",
- "bitenc_decode_depth": 0,
- "data_cmds": "string",
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "email_hdrs_log_depth": 0,
- "ignore_data": true,
- "ignore_tls_data": true,
- "invalid_cmds": "string",
- "log_email_hdrs": true,
- "log_filename": true,
- "log_mailfrom": true,
- "log_rcptto": true,
- "max_auth_command_line_len": 0,
- "max_command_line_len": 0,
- "max_header_line_len": 0,
- "max_response_line_len": 0,
- "normalize": "string",
- "normalize_cmds": "string",
- "qp_decode_depth": 0,
- "uu_decode_depth": 0,
- "valid_cmds": "string",
- "xlink2state": "string"
}, - "snort_ml": {
- "uri_depth": 0,
- "client_body_depth": 0,
- "http_param_threshold": 0.1
}, - "snort_ml_engine": {
- "http_param_model": "string"
}, - "ssh": {
- "max_encrypted_packets": 0,
- "max_client_bytes": 0,
- "max_server_version_len": 0
}, - "ssl": {
- "trust_servers": true,
- "max_heartbeat_length": 0
}, - "stream": {
- "held_packet_timeout": 0,
- "ip_frags_only": true,
- "max_flows": 0,
- "prune_flows": 0,
- "pruning_timeout": 0,
- "require_3whs": 0,
- "allowlist_cache": {
- "enable": true,
- "move_on_excess": true
}, - "drop_stale_packets": true,
- "ip_cache": {
- "idle_timeout": 0
}, - "icmp_cache": {
- "idle_timeout": 0
}, - "tcp_cache": {
- "idle_timeout": 0
}, - "udp_cache": {
- "idle_timeout": 0
}, - "user_cache": {
- "idle_timeout": 0
}, - "file_cache": {
- "idle_timeout": 0
}
}, - "stream_file": {
- "upload": true
}, - "stream_icmp": {
- "session_timeout": 0
}, - "stream_ip": {
- "max_frags": 0,
- "max_overlaps": 0,
- "min_frag_length": 0,
- "min_ttl": 0,
- "policy": "string",
- "session_timeout": 0
}, - "stream_tcp": {
- "flush_factor": 0,
- "max_window": 0,
- "overlap_limit": 0,
- "max_pdu": 0,
- "no_ack": true,
- "policy": "string",
- "reassemble_async": true,
- "show_rebuilt_packets": true,
- "queue_limit": {
- "max_bytes": 0,
- "max_segments": 0,
- "asymmetric_ids_flush_threshold": 0
}, - "small_segments": {
- "count": 0,
- "maximum_size": 0
}, - "session_timeout": 0,
- "track_only": true,
- "embryonic_timeout": 0,
- "idle_timeout": 0
}, - "stream_udp": {
- "session_timeout": 0
}, - "stream_user": {
- "session_timeout": 0
}, - "telnet": {
- "ayt_attack_thresh": 0,
- "check_encrypted": true,
- "encrypted_traffic": true,
- "normalize": true
}, - "tlv_pdu": {
- "offset": 0,
- "size": 0,
- "skip": 0,
- "relative": true
}, - "wizard": {
- "hexes": [
- {
- "service": "string",
- "proto": "string",
- "to_server": [
- {
- "hex": "string"
}
], - "to_client": [
- {
- "hex": "string"
}
]
}
], - "spells": [
- {
- "service": "string",
- "proto": "string",
- "to_server": [
- {
- "spell": "string"
}
], - "to_client": [
- {
- "spell": "string"
}
]
}
], - "curses": [
- "string"
], - "max_search_depth": 0
}
}, - "reputation": {
- "enable": true,
- "max_mem_mb": 0,
- "scan_local": true,
- "nested_ip": "string",
- "priority_allowlist": true,
- "allowlist_trust": true,
- "blocklist_names": [
- "string"
], - "allowlist_names": [
- "string"
]
}, - "rule_sets": {
- "rulesets": [
- {
- "name": "string",
- "policy": "string",
- "cat": [
- "string"
]
}
], - "overrides": [
- {
- "gid": "string",
- "sid": "string",
- "enable": true,
- "suppress": true,
- "reset_entry": true
}
]
}, - "raw_config": "string",
- "config_path": "string",
- "custom_raw_config": "string"
}
], - "download_svc": [
- {
- "name": "string",
- "descr": "string",
- "url": "string",
- "checksum_url": "string",
- "sig_hash": "string",
- "sig_date": "string",
- "sig_date_ts": 0,
- "last_update_ts": 0,
- "last_update_result": "string",
- "id": "string",
- "skip_cert_check": true,
- "tls_fingerprint": "string",
- "state": "string",
- "progress": {
- "completed": true,
- "start_ts": 0,
- "end_ts": 0,
- "errors": "string",
- "messages": "string",
- "percent": 0.1,
- "state": "string"
}
}
], - "rule_update_settings": {
- "enable": true,
- "interval": "string",
- "day": "string",
- "time": "string"
}, - "pass_lists": [
- {
- "name": "string",
- "descr": "string",
- "local_networks": true,
- "wan_gateways": true,
- "wan_dns_servers": true,
- "virtual_ips": true,
- "vpn_addrs": true,
- "aliases": [
- "string"
], - "addresses": [
- "string"
], - "new_name": "string"
}
], - "suppress_lists": [
- {
- "name": "string",
- "descr": "string"
}
]
}Set the list of addresses with the file contents specified. If the file already exists, it will be overwritten.
The request can be a SnortAddressList object, or a file upload where the filename is used for the address list.
Multiple address lists may be uploaded at the same time using multiple addresslist parts.
object (SnortAddressList) | |
| addresslist | string <binary> |
{- "result": "string"
}Retrieve the list of download services and the progress of downloads for each.
{- "downloads": [
- {
- "name": "string",
- "descr": "string",
- "url": "string",
- "checksum_url": "string",
- "sig_hash": "string",
- "sig_date": "string",
- "sig_date_ts": 0,
- "last_update_ts": 0,
- "last_update_result": "string",
- "id": "string",
- "skip_cert_check": true,
- "tls_fingerprint": "string",
- "state": "string",
- "progress": {
- "completed": true,
- "start_ts": 0,
- "end_ts": 0,
- "errors": "string",
- "messages": "string",
- "percent": 0.1,
- "state": "string"
}
}
]
}Add a new download service or update an existing one. The id of the request is checked and if it is the same as a previous one, the this indicates a configuration overwrite (update). Otherwise if the name collides with an existing entry (an id is not provided), then an error is returned.
| name | string name of service or publisher |
| descr | string user provided description |
| url | string address of service to download Snort rules from |
| checksum_url | string address of the file containing the checkums of the rule archive, usually suffixed as .md5sum or sha256sum |
| sig_hash | string (readonly) checksum of the rules |
| sig_date | string (readonly) date of when the signature hash was retrieved |
| sig_date_ts | integer (readonly) Epoch milliseconds timestamp of signature hash retrieval |
| last_update_ts | integer (readonly) Epoch milliseconds timestamp of when the rule update was attempted |
| last_update_result | string result of last update attempt - success or failure (with message) |
| id | string (readonly) the ID generated for this service |
| skip_cert_check | boolean don't validate server certificate; if tls_fingerprint is provided, the cert is checked against value configured |
| tls_fingerprint | string (optional) for self-signed certs, the hex string or base64 encoded bytes of the SHA256 fingerprint of the certificate or the public key |
| state | string enabled (active) , disabled (suspended) |
object (SnortDownloadProgress) |
{- "name": "string",
- "descr": "string",
- "url": "string",
- "checksum_url": "string",
- "sig_hash": "string",
- "sig_date": "string",
- "sig_date_ts": 0,
- "last_update_ts": 0,
- "last_update_result": "string",
- "id": "string",
- "skip_cert_check": true,
- "tls_fingerprint": "string",
- "state": "string",
- "progress": {
- "completed": true,
- "start_ts": 0,
- "end_ts": 0,
- "errors": "string",
- "messages": "string",
- "percent": 0.1,
- "state": "string"
}
}{- "result": "string"
}When triggering a download from the requested services, if one is already in progress then it will be left the same. Only new ones will start.
If a suspend request is issued, then downloads will not proceed until resume is requested. Resume downloads will only initiate at the schedule configured for downloads.
| id required | string |
| action | string Enum: "start" "stop" "suspend" "resume" start, stop, suspend or resume downloading from the service |
{- "action": "start"
}{- "name": "string",
- "descr": "string",
- "url": "string",
- "checksum_url": "string",
- "sig_hash": "string",
- "sig_date": "string",
- "sig_date_ts": 0,
- "last_update_ts": 0,
- "last_update_result": "string",
- "id": "string",
- "skip_cert_check": true,
- "tls_fingerprint": "string",
- "state": "string",
- "progress": {
- "completed": true,
- "start_ts": 0,
- "end_ts": 0,
- "errors": "string",
- "messages": "string",
- "percent": 0.1,
- "state": "string"
}
}| enable | boolean download schedule is enabled |
| interval | string daily (default), weekday (day of week), monthday (day of month) |
| day | string (sun, ..., sat) if weekday or (numeric) monthday |
| time | string in hh:mm |
{- "enable": true,
- "interval": "string",
- "day": "string",
- "time": "string"
}{- "enable": true,
- "interval": "string",
- "day": "string",
- "time": "string"
}Apply snort configuration for the specified interfaces in the SnortInterfaceConfig argument. The interfaces must not already be bound to another SnortInterfaceConfig.
If Talos LightSPD rules are used, then the interface configuration will limit the number of customizations that are applied. Most of the changes are for overriding the LigthSPD defaults.
The id of the configuration will be automatically assigned by the handler and guaranteed to be unique.
| id | string (readonly) unique identifier for this configuration |
| log_id | integer (readonly) id of applied to -G/--logid of snort command |
| enable | boolean enable service to run |
| status | string (readonly) current running state - started, stopped, error |
| descr | string user provided description |
| interfaces | Array of strings |
| inline_ips | boolean enable inline IPS; not all systems support this |
| home_networks | Array of strings |
| external_networks | Array of strings |
object (SnortOverrides) Snort configuration variables that can be overridden | |
| use_syslog | boolean send alerts to system log |
| use_alert_unified2 | boolean write alerts to unified2 logs instead of CSV |
| block_on_alert | boolean block offending address triggering alert |
| kill_states | boolean kill the firewall states for blocked address |
| block_addr_opt | string Enum: "src" "dst" "both" which address to block - src, dst, or both (default) |
| detection_method | string Enum: "ac_bnfa" "ac_full" "hyperscan" fast pattern matching algorithm (ac_bnfa, ac_full, hyperscan) |
| split_any_any | boolean split ANY-ANY port group |
| search_optimize | boolean enable search optimization |
| stream_inserts | boolean do not evaulate stream inserted packets against the detection algorithm |
| csum_disabled | boolean disable checksum checking to improve performance |
| pass_list_name | string pass list reference (to SnortPassList) |
| suppress_list_name | string suppress list reference (to SnortSuppressList) |
| custom_head_include | string path to custom Lua script, to be included at the start of the main snort.lua script. This should reside in /var/db/snort/config. |
| custom_tail_include | string path to custom Lua script, to be included at the end of the main snort.lua script. This should reside in /var/db/snort/config. |
Array of objects (SnortInsp_Binder) | |
object (SnortInspectors) Snort inspectors, also known is preprocessors, are modules that perform a variety of functions. The configuration of each inspector is complex and should only have defaults overridden with care. | |
object (SnortReputationConfig) | |
object (SnortInterfaceRulesetsOpt) | |
| raw_config | string output - the raw configuration that was generated or user explicitly set |
| config_path | string output - the location of the interface's config files |
| custom_raw_config | string input - user provided raw config override |
{- "id": "string",
- "log_id": 0,
- "enable": true,
- "status": "string",
- "descr": "string",
- "interfaces": [
- "string"
], - "inline_ips": true,
- "home_networks": [
- "string"
], - "external_networks": [
- "string"
], - "overrides": {
- "dns_servers": [
- "string"
], - "ftp_servers": [
- "string"
], - "http_servers": [
- "string"
], - "sip_servers": [
- "string"
], - "smtp_servers": [
- "string"
], - "imap_servers": [
- "string"
], - "sql_servers": [
- "string"
], - "ssh_servers": [
- "string"
], - "telnet_servers": [
- "string"
]
}, - "use_syslog": true,
- "use_alert_unified2": true,
- "block_on_alert": true,
- "kill_states": true,
- "block_addr_opt": "src",
- "detection_method": "ac_bnfa",
- "split_any_any": true,
- "search_optimize": true,
- "stream_inserts": true,
- "csum_disabled": true,
- "pass_list_name": "string",
- "suppress_list_name": "string",
- "custom_head_include": "string",
- "custom_tail_include": "string",
- "bindings": [
- {
- "when": {
- "ips_policy_id": 0,
- "vlans": [
- "string"
], - "nets": [
- "string"
], - "src_nets": [
- "string"
], - "dst_nets": [
- "string"
], - "proto": "string",
- "ports": [
- "string"
], - "src_ports": [
- "string"
], - "dst_ports": [
- "string"
], - "intfs": "string",
- "src_intfs": "string",
- "dst_intfs": "string",
- "groups": "string",
- "src_groups": "string",
- "dst_groups": "string",
- "addr_spaces": "string",
- "tenants": "string",
- "role": "string",
- "service": "string"
}, - "use": {
- "action": "string",
- "file": "string",
- "inspection_policy": "string",
- "ips_policy": "string",
- "service": "string",
- "type": "string",
- "name": "string"
}
}
], - "inspectors": {
- "enabled": [
- "string"
], - "appid": {
- "memcap": 0,
- "log_stats": true,
- "app_stats_period": 0,
- "app_stats_rollover_size": 0,
- "app_detector_dir": "string",
- "list_odp_detectors": true,
- "tp_appid_path": "string",
- "tp_appid_config": "string",
- "tp_appid_stats_enable": true,
- "tp_appid_config_dump": true,
- "log_all_sessions": true,
- "enable_rna_filter": true,
- "rna_conf_path": "string"
}, - "appid_listener": {
- "json_logging": true,
- "file": "string"
}, - "arp_spoof": {
- "hosts": [
- {
- "ip": "string",
- "mac": "string"
}
]
}, - "cip": {
- "embedded_cip_path": "string",
- "unconnected_timeout": 0,
- "max_cip_connections": 0,
- "max_unconnected_messages": 0
}, - "data_log": {
- "key": "string",
- "limit": 0
}, - "dce_smb": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0,
- "reassemble_threshold": 0,
- "smb_fingerprint_policy": "string",
- "policy": "string",
- "smb_max_chain": 0,
- "smb_max_compound": 0,
- "valid_smb_versions": [
- "string"
], - "smb_file_depth": 0,
- "smb_invalid_shares": "string",
- "smb_legacy_mode": true,
- "smb_max_credit": 0,
- "memcap": 0
}, - "dce_tcp": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0,
- "reassemble_threshold": 0,
- "policy": "string"
}, - "dce_udp": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0
}, - "dnp3": {
- "check_crc": true
}, - "dns": {
- "publish_response": true
}, - "domain_filter": {
- "file": "string",
- "hosts": "string"
}, - "dpx": {
- "port": 0,
- "max": 0
}, - "extractor": {
- "formatting": "string",
- "connector": "string",
- "time": "string",
- "default_filter": "string",
- "protocols": [
- {
- "service": "string",
- "tenant_id": 0,
- "on_events": "string",
- "fields": "string"
}
]
}, - "file_id": {
- "type_depth": 0,
- "signature_depth": 0,
- "block_timeout": 0,
- "lookup_timeout": 0,
- "block_timeout_lookup": true,
- "capture_memcap": 0,
- "capture_max_size": 0,
- "capture_min_size": 0,
- "capture_block_size": 0,
- "max_files_cached": 0,
- "max_files_per_flow": 0,
- "show_data_depth": 0,
- "rules_file": "string",
- "trace_type": true,
- "trace_signature": true,
- "trace_stream": true,
- "decompress_buffer_size": 0
}, - "file_log": {
- "log_pkt_time": true,
- "log_sys_time": true
}, - "ftp_client": {
- "bounce": true,
- "bounce_to": [
- {
- "address": "string",
- "port": 0,
- "last_port": 0
}
], - "ignore_telnet_erase_cmds": true,
- "max_resp_len": 0,
- "telnet_cmds": true
}, - "ftp_server": {
- "chk_str_fmt": "string",
- "data_chan_cmds": "string",
- "data_rest_cmds": "string",
- "data_xfer_cmds": "string",
- "directory_cmds": [
- {
- "dir_cmd": "string",
- "rsp_code": 0
}
], - "file_put_cmds": "string",
- "file_get_cmds": "string",
- "encr_cmds": "string",
- "login_cmds": "string",
- "check_encrypted": true,
- "cmd_validity": [
- {
- "command": "string",
- "format": "string",
- "length": 0
}
], - "def_max_param_len": 0,
- "encrypted_traffic": true,
- "ftp_cmds": "string",
- "ignore_data_chan": true,
- "ignore_telnet_erase_cmds": true,
- "print_cmds": true,
- "telnet_cmds": true
}, - "gtp_inspect": {
- "version": 0,
- "messages": [
- {
- "type": 0,
- "name": "string"
}
], - "infos": [
- {
- "type": 0,
- "name": "string",
- "length": 0
}
]
}, - "http2_inspect": {
- "concurrent_streams_limit": 0,
- "settings_max_frame_size": 0
}, - "http_inspect": {
- "request_depth": 0,
- "response_depth": 0,
- "unzip": true,
- "maximum_host_length": 0,
- "maximum_chunk_length": 0,
- "maximum_header_length": 0,
- "maximum_headers": 0,
- "maximum_pipelined_requests": 0,
- "normalize_utf": true,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "max_mime_attach": 0,
- "script_detection": true,
- "normalize_javascript": true,
- "max_javascript_whitespaces": 0,
- "bad_characters": [
- "string"
], - "ignore_unreserved": "string",
- "percent_u": true,
- "utf8": true,
- "utf8_bare_byte": true,
- "iis_unicode": true,
- "iis_unicode_map_file": "string",
- "iis_unicode_code_page": 0,
- "iis_double_decode": true,
- "oversize_dir_length": 0,
- "backslash_to_slash": true,
- "plus_to_space": true,
- "simplify_path": true,
- "xff_headers": "string",
- "request_body_app_detection": true,
- "allowed_methods": "string",
- "disallowed_methods": "string"
}, - "imap": {
- "b64_decode_depth": 0,
- "bitenc_decode_depth": 0,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "qp_decode_depth": 0,
- "uu_decode_depth": 0
}, - "netflow": {
- "dump_file": "string",
- "update_timeout": 0,
- "rules": [
- {
- "device_ip": "string",
- "exclude": true,
- "zones": "string",
- "networks": "string",
- "create_host": true,
- "create_service": true
}
], - "flow_memcap": 0,
- "template_memcap": 0,
- "netflow_service_id_path": "string"
}, - "normalizer": {
- "ip4": {
- "base": true,
- "df": true,
- "rf": true,
- "tos": true,
- "trim": true
}, - "tcp": {
- "base": true,
- "block": true,
- "urp": true,
- "ips": true,
- "ecn": "string",
- "pad": true,
- "trim_syn": true,
- "trim_rst": true,
- "trim_win": true,
- "trim_mss": true,
- "opts": true,
- "req_urg": true,
- "req_pay": true,
- "rsv": true,
- "req_urp": true,
- "allow_names": [
- "string"
], - "allow_codes": "string"
}, - "ip6": true,
- "icmp4": true,
- "icmp6": true
}, - "packet_capture": {
- "enable": true,
- "filter": "string",
- "group": 0,
- "tenants": "string",
- "check_inner_pkt": true,
- "capture_path": "string",
- "max_packet_count": 0
}, - "perf_monitor": {
- "base": true,
- "cpu": true,
- "flow": true,
- "flow_ip": true,
- "flow_ip_all": true,
- "packets": 0,
- "seconds": 0,
- "flow_ip_memcap": 0,
- "max_file_size": 0,
- "flow_ports": 0,
- "output": "string",
- "modules": [
- {
- "name": "string",
- "pegs": "string"
}
], - "format": "string",
- "summary": true
}, - "pop": {
- "b64_decode_depth": 0,
- "bitenc_decode_depth": 0,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "qp_decode_depth": 0,
- "uu_decode_depth": 0
}, - "port_scan": {
- "memcap": 0,
- "protos": [
- "string"
], - "scan_types": [
- "string"
], - "watch_ip": "string",
- "ignore_scanners": "string",
- "ignore_scanned": "string",
- "alert_all": true,
- "include_midstream": true,
- "tcp_ports": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_ports": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_proto": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "icmp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_window": 0,
- "udp_window": 0,
- "ip_window": 0,
- "icmp_window": 0
}, - "rna": {
- "rna_conf_path": "string",
- "enable_logger": true,
- "log_when_idle": true,
- "dump_file": "string",
- "tcp_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "ua_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "udp_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "smb_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
]
}, - "sip": {
- "ignore_call_channel": true,
- "max_call_id_len": 0,
- "max_contact_len": 0,
- "max_content_len": 0,
- "max_dialogs": 0,
- "max_from_len": 0,
- "max_request_name_len": 0,
- "max_to_len": 0,
- "max_uri_len": 0,
- "max_via_len": 0,
- "methods": "string",
- "sip_timeout": 0,
- "sip_media_timeout": 0,
- "sip_invite_timeout": 0,
- "sip_disconnect_timeout": 0
}, - "smtp": {
- "alt_max_command_line_len": [
- {
- "command": "string",
- "length": 0
}
], - "auth_cmds": "string",
- "b64_decode_depth": 0,
- "binary_data_cmds": "string",
- "bitenc_decode_depth": 0,
- "data_cmds": "string",
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "email_hdrs_log_depth": 0,
- "ignore_data": true,
- "ignore_tls_data": true,
- "invalid_cmds": "string",
- "log_email_hdrs": true,
- "log_filename": true,
- "log_mailfrom": true,
- "log_rcptto": true,
- "max_auth_command_line_len": 0,
- "max_command_line_len": 0,
- "max_header_line_len": 0,
- "max_response_line_len": 0,
- "normalize": "string",
- "normalize_cmds": "string",
- "qp_decode_depth": 0,
- "uu_decode_depth": 0,
- "valid_cmds": "string",
- "xlink2state": "string"
}, - "snort_ml": {
- "uri_depth": 0,
- "client_body_depth": 0,
- "http_param_threshold": 0.1
}, - "snort_ml_engine": {
- "http_param_model": "string"
}, - "ssh": {
- "max_encrypted_packets": 0,
- "max_client_bytes": 0,
- "max_server_version_len": 0
}, - "ssl": {
- "trust_servers": true,
- "max_heartbeat_length": 0
}, - "stream": {
- "held_packet_timeout": 0,
- "ip_frags_only": true,
- "max_flows": 0,
- "prune_flows": 0,
- "pruning_timeout": 0,
- "require_3whs": 0,
- "allowlist_cache": {
- "enable": true,
- "move_on_excess": true
}, - "drop_stale_packets": true,
- "ip_cache": {
- "idle_timeout": 0
}, - "icmp_cache": {
- "idle_timeout": 0
}, - "tcp_cache": {
- "idle_timeout": 0
}, - "udp_cache": {
- "idle_timeout": 0
}, - "user_cache": {
- "idle_timeout": 0
}, - "file_cache": {
- "idle_timeout": 0
}
}, - "stream_file": {
- "upload": true
}, - "stream_icmp": {
- "session_timeout": 0
}, - "stream_ip": {
- "max_frags": 0,
- "max_overlaps": 0,
- "min_frag_length": 0,
- "min_ttl": 0,
- "policy": "string",
- "session_timeout": 0
}, - "stream_tcp": {
- "flush_factor": 0,
- "max_window": 0,
- "overlap_limit": 0,
- "max_pdu": 0,
- "no_ack": true,
- "policy": "string",
- "reassemble_async": true,
- "show_rebuilt_packets": true,
- "queue_limit": {
- "max_bytes": 0,
- "max_segments": 0,
- "asymmetric_ids_flush_threshold": 0
}, - "small_segments": {
- "count": 0,
- "maximum_size": 0
}, - "session_timeout": 0,
- "track_only": true,
- "embryonic_timeout": 0,
- "idle_timeout": 0
}, - "stream_udp": {
- "session_timeout": 0
}, - "stream_user": {
- "session_timeout": 0
}, - "telnet": {
- "ayt_attack_thresh": 0,
- "check_encrypted": true,
- "encrypted_traffic": true,
- "normalize": true
}, - "tlv_pdu": {
- "offset": 0,
- "size": 0,
- "skip": 0,
- "relative": true
}, - "wizard": {
- "hexes": [
- {
- "service": "string",
- "proto": "string",
- "to_server": [
- {
- "hex": "string"
}
], - "to_client": [
- {
- "hex": "string"
}
]
}
], - "spells": [
- {
- "service": "string",
- "proto": "string",
- "to_server": [
- {
- "spell": "string"
}
], - "to_client": [
- {
- "spell": "string"
}
]
}
], - "curses": [
- "string"
], - "max_search_depth": 0
}
}, - "reputation": {
- "enable": true,
- "max_mem_mb": 0,
- "scan_local": true,
- "nested_ip": "string",
- "priority_allowlist": true,
- "allowlist_trust": true,
- "blocklist_names": [
- "string"
], - "allowlist_names": [
- "string"
]
}, - "rule_sets": {
- "rulesets": [
- {
- "name": "string",
- "policy": "string",
- "cat": [
- "string"
]
}
], - "overrides": [
- {
- "gid": "string",
- "sid": "string",
- "enable": true,
- "suppress": true,
- "reset_entry": true
}
]
}, - "raw_config": "string",
- "config_path": "string",
- "custom_raw_config": "string"
}{- "id": "string",
- "log_id": 0,
- "enable": true,
- "status": "string",
- "descr": "string",
- "interfaces": [
- "string"
], - "inline_ips": true,
- "home_networks": [
- "string"
], - "external_networks": [
- "string"
], - "overrides": {
- "dns_servers": [
- "string"
], - "ftp_servers": [
- "string"
], - "http_servers": [
- "string"
], - "sip_servers": [
- "string"
], - "smtp_servers": [
- "string"
], - "imap_servers": [
- "string"
], - "sql_servers": [
- "string"
], - "ssh_servers": [
- "string"
], - "telnet_servers": [
- "string"
]
}, - "use_syslog": true,
- "use_alert_unified2": true,
- "block_on_alert": true,
- "kill_states": true,
- "block_addr_opt": "src",
- "detection_method": "ac_bnfa",
- "split_any_any": true,
- "search_optimize": true,
- "stream_inserts": true,
- "csum_disabled": true,
- "pass_list_name": "string",
- "suppress_list_name": "string",
- "custom_head_include": "string",
- "custom_tail_include": "string",
- "bindings": [
- {
- "when": {
- "ips_policy_id": 0,
- "vlans": [
- "string"
], - "nets": [
- "string"
], - "src_nets": [
- "string"
], - "dst_nets": [
- "string"
], - "proto": "string",
- "ports": [
- "string"
], - "src_ports": [
- "string"
], - "dst_ports": [
- "string"
], - "intfs": "string",
- "src_intfs": "string",
- "dst_intfs": "string",
- "groups": "string",
- "src_groups": "string",
- "dst_groups": "string",
- "addr_spaces": "string",
- "tenants": "string",
- "role": "string",
- "service": "string"
}, - "use": {
- "action": "string",
- "file": "string",
- "inspection_policy": "string",
- "ips_policy": "string",
- "service": "string",
- "type": "string",
- "name": "string"
}
}
], - "inspectors": {
- "enabled": [
- "string"
], - "appid": {
- "memcap": 0,
- "log_stats": true,
- "app_stats_period": 0,
- "app_stats_rollover_size": 0,
- "app_detector_dir": "string",
- "list_odp_detectors": true,
- "tp_appid_path": "string",
- "tp_appid_config": "string",
- "tp_appid_stats_enable": true,
- "tp_appid_config_dump": true,
- "log_all_sessions": true,
- "enable_rna_filter": true,
- "rna_conf_path": "string"
}, - "appid_listener": {
- "json_logging": true,
- "file": "string"
}, - "arp_spoof": {
- "hosts": [
- {
- "ip": "string",
- "mac": "string"
}
]
}, - "cip": {
- "embedded_cip_path": "string",
- "unconnected_timeout": 0,
- "max_cip_connections": 0,
- "max_unconnected_messages": 0
}, - "data_log": {
- "key": "string",
- "limit": 0
}, - "dce_smb": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0,
- "reassemble_threshold": 0,
- "smb_fingerprint_policy": "string",
- "policy": "string",
- "smb_max_chain": 0,
- "smb_max_compound": 0,
- "valid_smb_versions": [
- "string"
], - "smb_file_depth": 0,
- "smb_invalid_shares": "string",
- "smb_legacy_mode": true,
- "smb_max_credit": 0,
- "memcap": 0
}, - "dce_tcp": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0,
- "reassemble_threshold": 0,
- "policy": "string"
}, - "dce_udp": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0
}, - "dnp3": {
- "check_crc": true
}, - "dns": {
- "publish_response": true
}, - "domain_filter": {
- "file": "string",
- "hosts": "string"
}, - "dpx": {
- "port": 0,
- "max": 0
}, - "extractor": {
- "formatting": "string",
- "connector": "string",
- "time": "string",
- "default_filter": "string",
- "protocols": [
- {
- "service": "string",
- "tenant_id": 0,
- "on_events": "string",
- "fields": "string"
}
]
}, - "file_id": {
- "type_depth": 0,
- "signature_depth": 0,
- "block_timeout": 0,
- "lookup_timeout": 0,
- "block_timeout_lookup": true,
- "capture_memcap": 0,
- "capture_max_size": 0,
- "capture_min_size": 0,
- "capture_block_size": 0,
- "max_files_cached": 0,
- "max_files_per_flow": 0,
- "show_data_depth": 0,
- "rules_file": "string",
- "trace_type": true,
- "trace_signature": true,
- "trace_stream": true,
- "decompress_buffer_size": 0
}, - "file_log": {
- "log_pkt_time": true,
- "log_sys_time": true
}, - "ftp_client": {
- "bounce": true,
- "bounce_to": [
- {
- "address": "string",
- "port": 0,
- "last_port": 0
}
], - "ignore_telnet_erase_cmds": true,
- "max_resp_len": 0,
- "telnet_cmds": true
}, - "ftp_server": {
- "chk_str_fmt": "string",
- "data_chan_cmds": "string",
- "data_rest_cmds": "string",
- "data_xfer_cmds": "string",
- "directory_cmds": [
- {
- "dir_cmd": "string",
- "rsp_code": 0
}
], - "file_put_cmds": "string",
- "file_get_cmds": "string",
- "encr_cmds": "string",
- "login_cmds": "string",
- "check_encrypted": true,
- "cmd_validity": [
- {
- "command": "string",
- "format": "string",
- "length": 0
}
], - "def_max_param_len": 0,
- "encrypted_traffic": true,
- "ftp_cmds": "string",
- "ignore_data_chan": true,
- "ignore_telnet_erase_cmds": true,
- "print_cmds": true,
- "telnet_cmds": true
}, - "gtp_inspect": {
- "version": 0,
- "messages": [
- {
- "type": 0,
- "name": "string"
}
], - "infos": [
- {
- "type": 0,
- "name": "string",
- "length": 0
}
]
}, - "http2_inspect": {
- "concurrent_streams_limit": 0,
- "settings_max_frame_size": 0
}, - "http_inspect": {
- "request_depth": 0,
- "response_depth": 0,
- "unzip": true,
- "maximum_host_length": 0,
- "maximum_chunk_length": 0,
- "maximum_header_length": 0,
- "maximum_headers": 0,
- "maximum_pipelined_requests": 0,
- "normalize_utf": true,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "max_mime_attach": 0,
- "script_detection": true,
- "normalize_javascript": true,
- "max_javascript_whitespaces": 0,
- "bad_characters": [
- "string"
], - "ignore_unreserved": "string",
- "percent_u": true,
- "utf8": true,
- "utf8_bare_byte": true,
- "iis_unicode": true,
- "iis_unicode_map_file": "string",
- "iis_unicode_code_page": 0,
- "iis_double_decode": true,
- "oversize_dir_length": 0,
- "backslash_to_slash": true,
- "plus_to_space": true,
- "simplify_path": true,
- "xff_headers": "string",
- "request_body_app_detection": true,
- "allowed_methods": "string",
- "disallowed_methods": "string"
}, - "imap": {
- "b64_decode_depth": 0,
- "bitenc_decode_depth": 0,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "qp_decode_depth": 0,
- "uu_decode_depth": 0
}, - "netflow": {
- "dump_file": "string",
- "update_timeout": 0,
- "rules": [
- {
- "device_ip": "string",
- "exclude": true,
- "zones": "string",
- "networks": "string",
- "create_host": true,
- "create_service": true
}
], - "flow_memcap": 0,
- "template_memcap": 0,
- "netflow_service_id_path": "string"
}, - "normalizer": {
- "ip4": {
- "base": true,
- "df": true,
- "rf": true,
- "tos": true,
- "trim": true
}, - "tcp": {
- "base": true,
- "block": true,
- "urp": true,
- "ips": true,
- "ecn": "string",
- "pad": true,
- "trim_syn": true,
- "trim_rst": true,
- "trim_win": true,
- "trim_mss": true,
- "opts": true,
- "req_urg": true,
- "req_pay": true,
- "rsv": true,
- "req_urp": true,
- "allow_names": [
- "string"
], - "allow_codes": "string"
}, - "ip6": true,
- "icmp4": true,
- "icmp6": true
}, - "packet_capture": {
- "enable": true,
- "filter": "string",
- "group": 0,
- "tenants": "string",
- "check_inner_pkt": true,
- "capture_path": "string",
- "max_packet_count": 0
}, - "perf_monitor": {
- "base": true,
- "cpu": true,
- "flow": true,
- "flow_ip": true,
- "flow_ip_all": true,
- "packets": 0,
- "seconds": 0,
- "flow_ip_memcap": 0,
- "max_file_size": 0,
- "flow_ports": 0,
- "output": "string",
- "modules": [
- {
- "name": "string",
- "pegs": "string"
}
], - "format": "string",
- "summary": true
}, - "pop": {
- "b64_decode_depth": 0,
- "bitenc_decode_depth": 0,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "qp_decode_depth": 0,
- "uu_decode_depth": 0
}, - "port_scan": {
- "memcap": 0,
- "protos": [
- "string"
], - "scan_types": [
- "string"
], - "watch_ip": "string",
- "ignore_scanners": "string",
- "ignore_scanned": "string",
- "alert_all": true,
- "include_midstream": true,
- "tcp_ports": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_ports": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_proto": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "icmp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_window": 0,
- "udp_window": 0,
- "ip_window": 0,
- "icmp_window": 0
}, - "rna": {
- "rna_conf_path": "string",
- "enable_logger": true,
- "log_when_idle": true,
- "dump_file": "string",
- "tcp_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "ua_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "udp_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "smb_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
]
}, - "sip": {
- "ignore_call_channel": true,
- "max_call_id_len": 0,
- "max_contact_len": 0,
- "max_content_len": 0,
- "max_dialogs": 0,
- "max_from_len": 0,
- "max_request_name_len": 0,
- "max_to_len": 0,
- "max_uri_len": 0,
- "max_via_len": 0,
- "methods": "string",
- "sip_timeout": 0,
- "sip_media_timeout": 0,
- "sip_invite_timeout": 0,
- "sip_disconnect_timeout": 0
}, - "smtp": {
- "alt_max_command_line_len": [
- {
- "command": "string",
- "length": 0
}
], - "auth_cmds": "string",
- "b64_decode_depth": 0,
- "binary_data_cmds": "string",
- "bitenc_decode_depth": 0,
- "data_cmds": "string",
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "email_hdrs_log_depth": 0,
- "ignore_data": true,
- "ignore_tls_data": true,
- "invalid_cmds": "string",
- "log_email_hdrs": true,
- "log_filename": true,
- "log_mailfrom": true,
- "log_rcptto": true,
- "max_auth_command_line_len": 0,
- "max_command_line_len": 0,
- "max_header_line_len": 0,
- "max_response_line_len": 0,
- "normalize": "string",
- "normalize_cmds": "string",
- "qp_decode_depth": 0,
- "uu_decode_depth": 0,
- "valid_cmds": "string",
- "xlink2state": "string"
}, - "snort_ml": {
- "uri_depth": 0,
- "client_body_depth": 0,
- "http_param_threshold": 0.1
}, - "snort_ml_engine": {
- "http_param_model": "string"
}, - "ssh": {
- "max_encrypted_packets": 0,
- "max_client_bytes": 0,
- "max_server_version_len": 0
}, - "ssl": {
- "trust_servers": true,
- "max_heartbeat_length": 0
}, - "stream": {
- "held_packet_timeout": 0,
- "ip_frags_only": true,
- "max_flows": 0,
- "prune_flows": 0,
- "pruning_timeout": 0,
- "require_3whs": 0,
- "allowlist_cache": {
- "enable": true,
- "move_on_excess": true
}, - "drop_stale_packets": true,
- "ip_cache": {
- "idle_timeout": 0
}, - "icmp_cache": {
- "idle_timeout": 0
}, - "tcp_cache": {
- "idle_timeout": 0
}, - "udp_cache": {
- "idle_timeout": 0
}, - "user_cache": {
- "idle_timeout": 0
}, - "file_cache": {
- "idle_timeout": 0
}
}, - "stream_file": {
- "upload": true
}, - "stream_icmp": {
- "session_timeout": 0
}, - "stream_ip": {
- "max_frags": 0,
- "max_overlaps": 0,
- "min_frag_length": 0,
- "min_ttl": 0,
- "policy": "string",
- "session_timeout": 0
}, - "stream_tcp": {
- "flush_factor": 0,
- "max_window": 0,
- "overlap_limit": 0,
- "max_pdu": 0,
- "no_ack": true,
- "policy": "string",
- "reassemble_async": true,
- "show_rebuilt_packets": true,
- "queue_limit": {
- "max_bytes": 0,
- "max_segments": 0,
- "asymmetric_ids_flush_threshold": 0
}, - "small_segments": {
- "count": 0,
- "maximum_size": 0
}, - "session_timeout": 0,
- "track_only": true,
- "embryonic_timeout": 0,
- "idle_timeout": 0
}, - "stream_udp": {
- "session_timeout": 0
}, - "stream_user": {
- "session_timeout": 0
}, - "telnet": {
- "ayt_attack_thresh": 0,
- "check_encrypted": true,
- "encrypted_traffic": true,
- "normalize": true
}, - "tlv_pdu": {
- "offset": 0,
- "size": 0,
- "skip": 0,
- "relative": true
}, - "wizard": {
- "hexes": [
- {
- "service": "string",
- "proto": "string",
- "to_server": [
- {
- "hex": "string"
}
], - "to_client": [
- {
- "hex": "string"
}
]
}
], - "spells": [
- {
- "service": "string",
- "proto": "string",
- "to_server": [
- {
- "spell": "string"
}
], - "to_client": [
- {
- "spell": "string"
}
]
}
], - "curses": [
- "string"
], - "max_search_depth": 0
}
}, - "reputation": {
- "enable": true,
- "max_mem_mb": 0,
- "scan_local": true,
- "nested_ip": "string",
- "priority_allowlist": true,
- "allowlist_trust": true,
- "blocklist_names": [
- "string"
], - "allowlist_names": [
- "string"
]
}, - "rule_sets": {
- "rulesets": [
- {
- "name": "string",
- "policy": "string",
- "cat": [
- "string"
]
}
], - "overrides": [
- {
- "gid": "string",
- "sid": "string",
- "enable": true,
- "suppress": true,
- "reset_entry": true
}
]
}, - "raw_config": "string",
- "config_path": "string",
- "custom_raw_config": "string"
}{- "id": "string",
- "log_id": 0,
- "enable": true,
- "status": "string",
- "descr": "string",
- "interfaces": [
- "string"
], - "inline_ips": true,
- "home_networks": [
- "string"
], - "external_networks": [
- "string"
], - "overrides": {
- "dns_servers": [
- "string"
], - "ftp_servers": [
- "string"
], - "http_servers": [
- "string"
], - "sip_servers": [
- "string"
], - "smtp_servers": [
- "string"
], - "imap_servers": [
- "string"
], - "sql_servers": [
- "string"
], - "ssh_servers": [
- "string"
], - "telnet_servers": [
- "string"
]
}, - "use_syslog": true,
- "use_alert_unified2": true,
- "block_on_alert": true,
- "kill_states": true,
- "block_addr_opt": "src",
- "detection_method": "ac_bnfa",
- "split_any_any": true,
- "search_optimize": true,
- "stream_inserts": true,
- "csum_disabled": true,
- "pass_list_name": "string",
- "suppress_list_name": "string",
- "custom_head_include": "string",
- "custom_tail_include": "string",
- "bindings": [
- {
- "when": {
- "ips_policy_id": 0,
- "vlans": [
- "string"
], - "nets": [
- "string"
], - "src_nets": [
- "string"
], - "dst_nets": [
- "string"
], - "proto": "string",
- "ports": [
- "string"
], - "src_ports": [
- "string"
], - "dst_ports": [
- "string"
], - "intfs": "string",
- "src_intfs": "string",
- "dst_intfs": "string",
- "groups": "string",
- "src_groups": "string",
- "dst_groups": "string",
- "addr_spaces": "string",
- "tenants": "string",
- "role": "string",
- "service": "string"
}, - "use": {
- "action": "string",
- "file": "string",
- "inspection_policy": "string",
- "ips_policy": "string",
- "service": "string",
- "type": "string",
- "name": "string"
}
}
], - "inspectors": {
- "enabled": [
- "string"
], - "appid": {
- "memcap": 0,
- "log_stats": true,
- "app_stats_period": 0,
- "app_stats_rollover_size": 0,
- "app_detector_dir": "string",
- "list_odp_detectors": true,
- "tp_appid_path": "string",
- "tp_appid_config": "string",
- "tp_appid_stats_enable": true,
- "tp_appid_config_dump": true,
- "log_all_sessions": true,
- "enable_rna_filter": true,
- "rna_conf_path": "string"
}, - "appid_listener": {
- "json_logging": true,
- "file": "string"
}, - "arp_spoof": {
- "hosts": [
- {
- "ip": "string",
- "mac": "string"
}
]
}, - "cip": {
- "embedded_cip_path": "string",
- "unconnected_timeout": 0,
- "max_cip_connections": 0,
- "max_unconnected_messages": 0
}, - "data_log": {
- "key": "string",
- "limit": 0
}, - "dce_smb": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0,
- "reassemble_threshold": 0,
- "smb_fingerprint_policy": "string",
- "policy": "string",
- "smb_max_chain": 0,
- "smb_max_compound": 0,
- "valid_smb_versions": [
- "string"
], - "smb_file_depth": 0,
- "smb_invalid_shares": "string",
- "smb_legacy_mode": true,
- "smb_max_credit": 0,
- "memcap": 0
}, - "dce_tcp": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0,
- "reassemble_threshold": 0,
- "policy": "string"
}, - "dce_udp": {
- "limit_alerts": true,
- "disable_defrag": true,
- "max_frag_len": 0
}, - "dnp3": {
- "check_crc": true
}, - "dns": {
- "publish_response": true
}, - "domain_filter": {
- "file": "string",
- "hosts": "string"
}, - "dpx": {
- "port": 0,
- "max": 0
}, - "extractor": {
- "formatting": "string",
- "connector": "string",
- "time": "string",
- "default_filter": "string",
- "protocols": [
- {
- "service": "string",
- "tenant_id": 0,
- "on_events": "string",
- "fields": "string"
}
]
}, - "file_id": {
- "type_depth": 0,
- "signature_depth": 0,
- "block_timeout": 0,
- "lookup_timeout": 0,
- "block_timeout_lookup": true,
- "capture_memcap": 0,
- "capture_max_size": 0,
- "capture_min_size": 0,
- "capture_block_size": 0,
- "max_files_cached": 0,
- "max_files_per_flow": 0,
- "show_data_depth": 0,
- "rules_file": "string",
- "trace_type": true,
- "trace_signature": true,
- "trace_stream": true,
- "decompress_buffer_size": 0
}, - "file_log": {
- "log_pkt_time": true,
- "log_sys_time": true
}, - "ftp_client": {
- "bounce": true,
- "bounce_to": [
- {
- "address": "string",
- "port": 0,
- "last_port": 0
}
], - "ignore_telnet_erase_cmds": true,
- "max_resp_len": 0,
- "telnet_cmds": true
}, - "ftp_server": {
- "chk_str_fmt": "string",
- "data_chan_cmds": "string",
- "data_rest_cmds": "string",
- "data_xfer_cmds": "string",
- "directory_cmds": [
- {
- "dir_cmd": "string",
- "rsp_code": 0
}
], - "file_put_cmds": "string",
- "file_get_cmds": "string",
- "encr_cmds": "string",
- "login_cmds": "string",
- "check_encrypted": true,
- "cmd_validity": [
- {
- "command": "string",
- "format": "string",
- "length": 0
}
], - "def_max_param_len": 0,
- "encrypted_traffic": true,
- "ftp_cmds": "string",
- "ignore_data_chan": true,
- "ignore_telnet_erase_cmds": true,
- "print_cmds": true,
- "telnet_cmds": true
}, - "gtp_inspect": {
- "version": 0,
- "messages": [
- {
- "type": 0,
- "name": "string"
}
], - "infos": [
- {
- "type": 0,
- "name": "string",
- "length": 0
}
]
}, - "http2_inspect": {
- "concurrent_streams_limit": 0,
- "settings_max_frame_size": 0
}, - "http_inspect": {
- "request_depth": 0,
- "response_depth": 0,
- "unzip": true,
- "maximum_host_length": 0,
- "maximum_chunk_length": 0,
- "maximum_header_length": 0,
- "maximum_headers": 0,
- "maximum_pipelined_requests": 0,
- "normalize_utf": true,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "max_mime_attach": 0,
- "script_detection": true,
- "normalize_javascript": true,
- "max_javascript_whitespaces": 0,
- "bad_characters": [
- "string"
], - "ignore_unreserved": "string",
- "percent_u": true,
- "utf8": true,
- "utf8_bare_byte": true,
- "iis_unicode": true,
- "iis_unicode_map_file": "string",
- "iis_unicode_code_page": 0,
- "iis_double_decode": true,
- "oversize_dir_length": 0,
- "backslash_to_slash": true,
- "plus_to_space": true,
- "simplify_path": true,
- "xff_headers": "string",
- "request_body_app_detection": true,
- "allowed_methods": "string",
- "disallowed_methods": "string"
}, - "imap": {
- "b64_decode_depth": 0,
- "bitenc_decode_depth": 0,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "qp_decode_depth": 0,
- "uu_decode_depth": 0
}, - "netflow": {
- "dump_file": "string",
- "update_timeout": 0,
- "rules": [
- {
- "device_ip": "string",
- "exclude": true,
- "zones": "string",
- "networks": "string",
- "create_host": true,
- "create_service": true
}
], - "flow_memcap": 0,
- "template_memcap": 0,
- "netflow_service_id_path": "string"
}, - "normalizer": {
- "ip4": {
- "base": true,
- "df": true,
- "rf": true,
- "tos": true,
- "trim": true
}, - "tcp": {
- "base": true,
- "block": true,
- "urp": true,
- "ips": true,
- "ecn": "string",
- "pad": true,
- "trim_syn": true,
- "trim_rst": true,
- "trim_win": true,
- "trim_mss": true,
- "opts": true,
- "req_urg": true,
- "req_pay": true,
- "rsv": true,
- "req_urp": true,
- "allow_names": [
- "string"
], - "allow_codes": "string"
}, - "ip6": true,
- "icmp4": true,
- "icmp6": true
}, - "packet_capture": {
- "enable": true,
- "filter": "string",
- "group": 0,
- "tenants": "string",
- "check_inner_pkt": true,
- "capture_path": "string",
- "max_packet_count": 0
}, - "perf_monitor": {
- "base": true,
- "cpu": true,
- "flow": true,
- "flow_ip": true,
- "flow_ip_all": true,
- "packets": 0,
- "seconds": 0,
- "flow_ip_memcap": 0,
- "max_file_size": 0,
- "flow_ports": 0,
- "output": "string",
- "modules": [
- {
- "name": "string",
- "pegs": "string"
}
], - "format": "string",
- "summary": true
}, - "pop": {
- "b64_decode_depth": 0,
- "bitenc_decode_depth": 0,
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "qp_decode_depth": 0,
- "uu_decode_depth": 0
}, - "port_scan": {
- "memcap": 0,
- "protos": [
- "string"
], - "scan_types": [
- "string"
], - "watch_ip": "string",
- "ignore_scanners": "string",
- "ignore_scanned": "string",
- "alert_all": true,
- "include_midstream": true,
- "tcp_ports": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_ports": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "udp_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_proto": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_decoy": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "ip_dist": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "icmp_sweep": {
- "scans": 0,
- "rejects": 0,
- "nets": 0,
- "ports": 0
}, - "tcp_window": 0,
- "udp_window": 0,
- "ip_window": 0,
- "icmp_window": 0
}, - "rna": {
- "rna_conf_path": "string",
- "enable_logger": true,
- "log_when_idle": true,
- "dump_file": "string",
- "tcp_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "ua_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "udp_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
], - "smb_fingerprints": [
- {
- "fpid": 0,
- "type": 0,
- "uuid": "string",
- "ttl": 0,
- "tcp_window": "string",
- "mss": "string",
- "id": "string",
- "topts": "string",
- "ws": "string",
- "df": true,
- "ua_type": "string",
- "user_agent": [
- {
- "substring": "string"
}
], - "host_name": "string",
- "device": "string",
- "dhcp55": "string",
- "dhcp60": "string",
- "major": 0,
- "minor": 0,
- "flags": 0
}
]
}, - "sip": {
- "ignore_call_channel": true,
- "max_call_id_len": 0,
- "max_contact_len": 0,
- "max_content_len": 0,
- "max_dialogs": 0,
- "max_from_len": 0,
- "max_request_name_len": 0,
- "max_to_len": 0,
- "max_uri_len": 0,
- "max_via_len": 0,
- "methods": "string",
- "sip_timeout": 0,
- "sip_media_timeout": 0,
- "sip_invite_timeout": 0,
- "sip_disconnect_timeout": 0
}, - "smtp": {
- "alt_max_command_line_len": [
- {
- "command": "string",
- "length": 0
}
], - "auth_cmds": "string",
- "b64_decode_depth": 0,
- "binary_data_cmds": "string",
- "bitenc_decode_depth": 0,
- "data_cmds": "string",
- "decompress_pdf": true,
- "decompress_swf": true,
- "decompress_zip": true,
- "decompress_vba": true,
- "email_hdrs_log_depth": 0,
- "ignore_data": true,
- "ignore_tls_data": true,
- "invalid_cmds": "string",
- "log_email_hdrs": true,
- "log_filename": true,
- "log_mailfrom": true,
- "log_rcptto": true,
- "max_auth_command_line_len": 0,
- "max_command_line_len": 0,
- "max_header_line_len": 0,
- "max_response_line_len": 0,
- "normalize": "string",
- "normalize_cmds": "string",
- "qp_decode_depth": 0,
- "uu_decode_depth": 0,
- "valid_cmds": "string",
- "xlink2state": "string"
}, - "snort_ml": {
- "uri_depth": 0,
- "client_body_depth": 0,
- "http_param_threshold": 0.1
}, - "snort_ml_engine": {
- "http_param_model": "string"
}, - "ssh": {
- "max_encrypted_packets": 0,
- "max_client_bytes": 0,
- "max_server_version_len": 0
}, - "ssl": {
- "trust_servers": true,
- "max_heartbeat_length": 0
}, - "stream": {
- "held_packet_timeout": 0,
- "ip_frags_only": true,
- "max_flows": 0,
- "prune_flows": 0,
- "pruning_timeout": 0,
- "require_3whs": 0,
- "allowlist_cache": {
- "enable": true,
- "move_on_excess": true
}, - "drop_stale_packets": true,
- "ip_cache": {
- "idle_timeout": 0
}, - "icmp_cache": {
- "idle_timeout": 0
}, - "tcp_cache": {
- "idle_timeout": 0
}, - "udp_cache": {
- "idle_timeout": 0
}, - "user_cache": {
- "idle_timeout": 0
}, - "file_cache": {
- "idle_timeout": 0
}
}, - "stream_file": {
- "upload": true
}, - "stream_icmp": {
- "session_timeout": 0
}, - "stream_ip": {
- "max_frags": 0,
- "max_overlaps": 0,
- "min_frag_length": 0,
- "min_ttl": 0,
- "policy": "string",
- "session_timeout": 0
}, - "stream_tcp": {
- "flush_factor": 0,
- "max_window": 0,
- "overlap_limit": 0,
- "max_pdu": 0,
- "no_ack": true,
- "policy": "string",
- "reassemble_async": true,
- "show_rebuilt_packets": true,
- "queue_limit": {
- "max_bytes": 0,
- "max_segments": 0,
- "asymmetric_ids_flush_threshold": 0
}, - "small_segments": {
- "count": 0,
- "maximum_size": 0
}, - "session_timeout": 0,
- "track_only": true,
- "embryonic_timeout": 0,
- "idle_timeout": 0
}, - "stream_udp": {
- "session_timeout": 0
}, - "stream_user": {
- "session_timeout": 0
}, - "telnet": {
- "ayt_attack_thresh": 0,
- "check_encrypted": true,
- "encrypted_traffic": true,
- "normalize": true
}, - "tlv_pdu": {
- "offset": 0,
- "size": 0,
- "skip": 0,
- "relative": true
}, - "wizard": {
- "hexes": [
- {
- "service": "string",
- "proto": "string",
- "to_server": [
- {
- "hex": "string"
}
], - "to_client": [
- {
- "hex": "string"
}
]
}
], - "spells": [
- {
- "service": "string",
- "proto": "string",
- "to_server": [
- {
- "spell": "string"
}
], - "to_client": [
- {
- "spell": "string"
}
]
}
], - "curses": [
- "string"
], - "max_search_depth": 0
}
}, - "reputation": {
- "enable": true,
- "max_mem_mb": 0,
- "scan_local": true,
- "nested_ip": "string",
- "priority_allowlist": true,
- "allowlist_trust": true,
- "blocklist_names": [
- "string"
], - "allowlist_names": [
- "string"
]
}, - "rule_sets": {
- "rulesets": [
- {
- "name": "string",
- "policy": "string",
- "cat": [
- "string"
]
}
], - "overrides": [
- {
- "gid": "string",
- "sid": "string",
- "enable": true,
- "suppress": true,
- "reset_entry": true
}
]
}, - "raw_config": "string",
- "config_path": "string",
- "custom_raw_config": "string"
}| id required | string |
| action | string start, stop, reload, restart |
{- "action": "string"
}{- "result": "string"
}{- "alerts": [
- {
- "timestamp": 0,
- "priority": 0,
- "protocol": "string",
- "class": "string",
- "src_addr": "string",
- "src_port": 0,
- "dst_addr": "string",
- "dst_port": 0,
- "sid": 0,
- "gid": 0,
- "descr": "string",
- "action": "string"
}
]
}Set the interfaces list of the snort configuration. If no interfaces are provided, then the configuration is disabled. It cannot be enabled until one or more interfaces are applied.
When the interface list changes, the snort service will be restarted to apply interface set.
| id required | string |
| interfaces | Array of strings |
{- "interfaces": [
- "string"
]
}{- "result": "string"
}| id required | string |
{- "rulesets": [
- {
- "name": "string",
- "ruleset_type": "string",
- "rules": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
], - "cat": [
- "string"
]
}
]
}Set the interface configuration to use the specified rulesets.
If Talos LightSPD rulesets are used, then the snort configuration will use the Lua scripts provided by the package, with overrides applied as required. All other rulesets are ignored.
For other rulesets, select the rules file to apply.
Note that when this API handler completes, a new Snort configuration will be generated for the interface and the snort Service is restarted (if it was running).
| id required | string |
Array of objects (SnortIntfRulesetOpt) | |
Array of objects (SnortRuleToggleEntry) |
{- "rulesets": [
- {
- "name": "string",
- "policy": "string",
- "cat": [
- "string"
]
}
], - "overrides": [
- {
- "gid": "string",
- "sid": "string",
- "enable": true,
- "suppress": true,
- "reset_entry": true
}
]
}{- "rulesets": [
- {
- "name": "string",
- "ruleset_type": "string",
- "rules": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
], - "cat": [
- "string"
]
}
]
}Get the list of rule state customizations. The returned list can be used as a template to apply to other interface configurations.
| id required | string |
{- "rule_options": [
- {
- "gid": "string",
- "sid": "string",
- "enable": true,
- "suppress": true,
- "reset_entry": true
}
], - "reset_all": true
}| id required | string |
Array of objects (SnortRuleToggleEntry) | |
| reset_all | boolean reset all rule overrides; rule_options is ignored |
{- "rule_options": [
- {
- "gid": "string",
- "sid": "string",
- "enable": true,
- "suppress": true,
- "reset_entry": true
}
], - "reset_all": true
}{- "result": "string"
}{- "pass_lists": [
- {
- "name": "string",
- "descr": "string",
- "local_networks": true,
- "wan_gateways": true,
- "wan_dns_servers": true,
- "virtual_ips": true,
- "vpn_addrs": true,
- "aliases": [
- "string"
], - "addresses": [
- "string"
], - "new_name": "string"
}
]
}Pass Lists are lists of IP addresses that Snort should never block. Pass lists can be created and managed on the Pass Lists tab. When an IP address is listed on a Pass List, Snort will never insert a block on that address even when malicious traffic is detected.
When a pass list is applied to an interface configuration, it will white list those addresses in Snort as part of the reputation allowlist.
| name | string unique name for pass list |
| descr | string |
| local_networks | boolean add firewall locally-attached networks to the list |
| wan_gateways | boolean add WAN gateways |
| wan_dns_servers | boolean add WAN DNS servers |
| virtual_ips | boolean add virtual IP addresses |
| vpn_addrs | boolean add VPN addresses |
| aliases | Array of strings |
| addresses | Array of strings |
| new_name | string for updating with new name |
{- "name": "string",
- "descr": "string",
- "local_networks": true,
- "wan_gateways": true,
- "wan_dns_servers": true,
- "virtual_ips": true,
- "vpn_addrs": true,
- "aliases": [
- "string"
], - "addresses": [
- "string"
], - "new_name": "string"
}{- "pass_lists": [
- {
- "name": "string",
- "descr": "string",
- "local_networks": true,
- "wan_gateways": true,
- "wan_dns_servers": true,
- "virtual_ips": true,
- "vpn_addrs": true,
- "aliases": [
- "string"
], - "addresses": [
- "string"
], - "new_name": "string"
}
]
}{- "rulesets": [
- {
- "name": "string",
- "ruleset_type": "string",
- "policies": [
- "string"
], - "rules": {
- "property1": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
], - "property2": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
]
}, - "ips_states": {
- "property1": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "enable": true
}
], - "property2": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "enable": true
}
]
}, - "so_rules": {
- "property1": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
], - "property2": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
]
}, - "so_ips_states": {
- "property1": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "enable": true
}
], - "property2": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "enable": true
}
]
}, - "archive_info": {
- "files": [
- "string"
], - "version": "string",
- "download_time": "string",
- "download_location": "string",
- "in_progress": true,
- "percent_avail": 0
}, - "errors": [
- "string"
]
}
]
}Upload the rule set, specifying a name to give to it. The contents can be a single .rules file or an archive containing a batch of rules. Archive contents will be inspected to locate .rules files in the following manner:
The request can be a regular API call with SnortRulesUploadReq provided, or as a multi-part piece, with the SnortRulesUploadReq in the req section, and the archive or rules file in the rules section.
How the upload request is handled:
object (SnortRulesUploadReq) | |
| rules | string <binary> |
{- "result": "string"
}{- "name": "string",
- "ruleset_type": "string",
- "policies": [
- "string"
], - "rules": {
- "property1": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
], - "property2": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
]
}, - "ips_states": {
- "property1": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "enable": true
}
], - "property2": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "enable": true
}
]
}, - "so_rules": {
- "property1": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
], - "property2": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "proto": "string",
- "src": "string",
- "src_port": "string",
- "dst": "string",
- "dst_port": "string",
- "msg": "string",
- "rawrule": "string",
- "orig_disabled": true,
- "user_disabled": true,
- "ips_enabled": true,
- "user_override": "string",
- "cat": "string",
- "ruleset": "string"
}
]
}, - "so_ips_states": {
- "property1": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "enable": true
}
], - "property2": [
- {
- "action": "string",
- "gid": "string",
- "sid": "string",
- "enable": true
}
]
}, - "archive_info": {
- "files": [
- "string"
], - "version": "string",
- "download_time": "string",
- "download_location": "string",
- "in_progress": true,
- "percent_avail": 0
}, - "errors": [
- "string"
]
}Obtain the contents of the specified file in the ruleset. This is intended for inspecting scripts provided by it.
| name required | string |
| file required | string |
{- "filename": "string",
- "ruleset": "string",
- "contents": "string",
- "content_type": "string"
}Suppression Lists allow control over the alerts generated by Snort rules. When an alert is suppressed, then Snort no longer logs an alert entry (or blocks the IP address if block offenders is enabled) when a particular rule fires. Snort still inspects all network traffic against the rule, but even when traffic matches the rule signature, no alert will be generated.
This function supports both v2 and Lua based suppression list definitions.
Refer to https://www.snort.org/faq/readme-filters for the valid commands that can be set in the suppression lists; these include:
| name | string |
| descr | string |
| text | string text contents of suppression list |
| new_name | string for updating an existing suppression list |
| lua_text | string |
{- "name": "string",
- "descr": "string",
- "text": "string",
- "new_name": "string",
- "lua_text": "string"
}{- "suppress_lists": [
- {
- "name": "string",
- "descr": "string"
}
]
}| name | string |
| enabled | boolean |
| mode | string block, alias |
{- "items": [
- {
- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "threatClass": {
- "countries": [
- "string"
], - "asns": [
- "string"
], - "categories": [
- "string"
]
}, - "cidrs": [
- "string"
], - "domains": [
- "string"
]
}
]
}| id | string |
| name | string |
| enabled | boolean |
| mode | string block, alias |
object (ThreatClass) | |
| cidrs | Array of strings |
| domains | Array of strings |
{- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "threatClass": {
- "countries": [
- "string"
], - "asns": [
- "string"
], - "categories": [
- "string"
]
}, - "cidrs": [
- "string"
], - "domains": [
- "string"
]
}{- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "threatClass": {
- "countries": [
- "string"
], - "asns": [
- "string"
], - "categories": [
- "string"
]
}, - "cidrs": [
- "string"
], - "domains": [
- "string"
]
}{- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "threatClass": {
- "countries": [
- "string"
], - "asns": [
- "string"
], - "categories": [
- "string"
]
}, - "cidrs": [
- "string"
], - "domains": [
- "string"
]
}{- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "threatClass": {
- "countries": [
- "string"
], - "asns": [
- "string"
], - "categories": [
- "string"
]
}, - "cidrs": [
- "string"
], - "domains": [
- "string"
]
}| name | string |
| enabled | boolean |
| mode | string block, alias |
{- "items": [
- {
- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "url": "string",
- "headers": {
- "property1": "string",
- "property2": "string"
}, - "suppressDomains": [
- "string"
], - "suppressPrefixes": [
- "string"
]
}
]
}| id | string |
| name | string |
| enabled | boolean |
| mode | string block, alias |
| url | string Valid url http/https |
object | |
| suppressDomains | Array of strings |
| suppressPrefixes | Array of strings |
{- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "url": "string",
- "headers": {
- "property1": "string",
- "property2": "string"
}, - "suppressDomains": [
- "string"
], - "suppressPrefixes": [
- "string"
]
}{- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "url": "string",
- "headers": {
- "property1": "string",
- "property2": "string"
}, - "suppressDomains": [
- "string"
], - "suppressPrefixes": [
- "string"
]
}{- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "url": "string",
- "headers": {
- "property1": "string",
- "property2": "string"
}, - "suppressDomains": [
- "string"
], - "suppressPrefixes": [
- "string"
]
}{- "id": "string",
- "name": "string",
- "enabled": true,
- "mode": "string",
- "url": "string",
- "headers": {
- "property1": "string",
- "property2": "string"
}, - "suppressDomains": [
- "string"
], - "suppressPrefixes": [
- "string"
]
}{- "config": {
- "enable": true,
- "enable_upnp": true,
- "enable_natpmp": true,
- "ext_iface": "string",
- "iface_array": [
- "string"
], - "download": "string",
- "upload": "string",
- "overridewanip": "string",
- "upnpqueue": "string",
- "logpackets": true,
- "sysuptime": true,
- "permdefault": true,
- "row": [
- {
- "id": "string",
- "permuser": "string"
}
], - "presentationurl": "string",
- "modelnumber": "string",
- "enable_stun": true,
- "stun_host": "string",
- "stun_port": "string"
}, - "interfaces": [
- "string"
]
}{- "config": {
- "enable": true,
- "enable_upnp": true,
- "enable_natpmp": true,
- "ext_iface": "string",
- "iface_array": [
- "string"
], - "download": "string",
- "upload": "string",
- "overridewanip": "string",
- "upnpqueue": "string",
- "logpackets": true,
- "sysuptime": true,
- "permdefault": true,
- "row": [
- {
- "id": "string",
- "permuser": "string"
}
], - "presentationurl": "string",
- "modelnumber": "string",
- "enable_stun": true,
- "stun_host": "string",
- "stun_port": "string"
}
}{- "result": "string"
}object (AwsWizardVpc) | |
| loc_if_ident | string interface for the local endpoint of the tunnels |
| loccidrs | Array of strings |
| routing | string Enum: "static" "BGP" routing type |
| custgwcfg | string base64 encoded customer gateway configuration |
{- "vpc": {
- "vpcid": "string",
- "cidrblock": "string"
}, - "loc_if_ident": "string",
- "loccidrs": [
- "string"
], - "routing": "static",
- "custgwcfg": "string"
}{- "result": "string"
}object (AwsWizardCred) | |
object (AwsWizardVpc) | |
| vp_gw_id | string virtual private gateway id |
| routing | string Enum: "static" "BGP" routing type |
| bgpasn | string bgp as number. Defaults to 65000 |
| locpubip | string local public ip address |
| loccidrs | Array of strings |
| updatesecgroups | boolean update security groups |
| max_wait_time | integer maximum number of minute to wait for the vpn to be created. default 15 mintues |
{- "cred": {
- "awskey": "string",
- "secret": "string",
- "awsrole": "string",
- "partition": "aws",
- "region": "string"
}, - "vpc": {
- "vpcid": "string",
- "cidrblock": "string"
}, - "vp_gw_id": "string",
- "routing": "static",
- "bgpasn": "string",
- "locpubip": "string",
- "loccidrs": [
- "string"
], - "updatesecgroups": true,
- "max_wait_time": 0
}{- "vpnconnid": "string",
- "custgwcfg": "string"
}| awskey | string access key id |
| secret | string aws secret key |
| awsrole | string use ec2 instance profile to assume role instead of keys |
| partition | string Enum: "aws" "aws-us-gov" the aws partition the vpc resides in |
| region | string aws region for the operation, set it to empty string when list regions |
{- "awskey": "string",
- "secret": "string",
- "awsrole": "string",
- "partition": "aws",
- "region": "string"
}{- "regions": [
- "string"
]
}| awskey | string access key id |
| secret | string aws secret key |
| awsrole | string use ec2 instance profile to assume role instead of keys |
| partition | string Enum: "aws" "aws-us-gov" the aws partition the vpc resides in |
| region | string aws region for the operation, set it to empty string when list regions |
{- "awskey": "string",
- "secret": "string",
- "awsrole": "string",
- "partition": "aws",
- "region": "string"
}{- "vpcs": [
- {
- "vpcid": "string",
- "cidrblock": "string"
}
]
}object (AwsWizardCred) | |
object (AwsWizardVpc) |
{- "cred": {
- "awskey": "string",
- "secret": "string",
- "awsrole": "string",
- "partition": "aws",
- "region": "string"
}, - "vpc": {
- "vpcid": "string",
- "cidrblock": "string"
}
}{- "vp_gw_id": "string"
}{- "phase1": [
- {
- "ikeid": "string",
- "iketype": "string",
- "interface": "string",
- "remote_gateway": "string",
- "protocol": "string",
- "myid_type": "string",
- "myid_data": "string",
- "peerid_type": "string",
- "peerid_data": "string",
- "encryption": {
- "item": [
- {
- "encryption_algorithm": {
- "name": "string",
- "keylen": "string"
}, - "hash_algorithm": "string",
- "prf_algorithm": "string",
- "dhgroup": "string"
}
]
}, - "lifetime": 0,
- "rekey_time": 0,
- "reauth_time": 0,
- "rand_time": 0,
- "pre_shared_key": "string",
- "private_key": "string",
- "certref": "string",
- "pkcs11certref": "string",
- "pkcs11pin": "string",
- "caref": "string",
- "authentication_method": "string",
- "descr": "string",
- "nat_traversal": "string",
- "mobike": "string",
- "startaction": "string",
- "closeaction": "string",
- "dpd_delay": 0,
- "dpd_maxfail": 0,
- "prfselect_enable": true,
- "gw_duplicates": true,
- "mobile": true,
- "disabled": true
}
], - "phase2": [
- {
- "ikeid": "string",
- "uniqid": "string",
- "mode": "string",
- "reqid": "string",
- "localid": {
- "type": "string",
- "address": "string",
- "netbits": "string"
}, - "remoteid": {
- "type": "string",
- "address": "string",
- "netbits": "string"
}, - "protocol": "string",
- "encryption_algorithm_option": [
- {
- "name": "string",
- "keylen": "string"
}
], - "hash_algorithm_option": [
- "string"
], - "pfsgroup": "string",
- "lifetime": 0,
- "rekey_time": 0,
- "rand_time": 0,
- "pinghost": "string",
- "keepalive": true,
- "mobile": true,
- "disabled": true,
- "descr": "string"
}
], - "ipsec_capable_ifs": [
- {
- "if_identity": "string",
- "if_assigned_name": "string"
}
]
}{- "logging": {
- "dmn": "string",
- "mgr": "string",
- "ike": "string",
- "chd": "string",
- "job": "string",
- "cfg": "string",
- "knl": "string",
- "net": "string",
- "asn": "string",
- "enc": "string",
- "imc": "string",
- "imv": "string",
- "pts": "string",
- "tls": "string",
- "esp": "string",
- "lib": "string"
}, - "async_crypto": true,
- "uniqueids": "string",
- "filtermode": "string",
- "bypassrules": {
- "rules": [
- {
- "source": "string",
- "sourcemask": "string",
- "destination": "string",
- "dstmask": "string"
}
]
}, - "pkcs11support": true,
- "enableinterfacesuse": true,
- "unityplugin": true,
- "strictcrlpolicy": true,
- "makebeforebreak": true,
- "ipsecbypass": true,
- "acceptunencryptedmainmode": true,
- "maxexchange": 0,
- "port_nat_t": 0,
- "port": 0,
- "compression": true,
- "noshuntlaninterfaces": true,
- "maxmss": "string",
- "dns_interval": 0,
- "ikev2_retransmit_enable": true,
- "ikev2_retransmit_tries": 0,
- "ikev2_retransmit_timeout": 0,
- "ikev2_retransmit_base": 0,
- "ikev2_retransmit_jitter": 0,
- "ikev2_retransmit_limit": 0
}object (IPSecLogging) | |
| async_crypto | boolean |
| uniqueids | string |
| filtermode | string |
object (IPSecBypassRules) | |
| pkcs11support | boolean |
| enableinterfacesuse | boolean |
| unityplugin | boolean |
| strictcrlpolicy | boolean |
| makebeforebreak | boolean |
| ipsecbypass | boolean |
| acceptunencryptedmainmode | boolean |
| maxexchange | integer |
| port_nat_t | integer |
| port | integer |
| compression | boolean |
| noshuntlaninterfaces | boolean |
| maxmss | string |
| dns_interval | integer |
| ikev2_retransmit_enable | boolean |
| ikev2_retransmit_tries | integer |
| ikev2_retransmit_timeout | integer |
| ikev2_retransmit_base | integer |
| ikev2_retransmit_jitter | integer |
| ikev2_retransmit_limit | integer |
{- "logging": {
- "dmn": "string",
- "mgr": "string",
- "ike": "string",
- "chd": "string",
- "job": "string",
- "cfg": "string",
- "knl": "string",
- "net": "string",
- "asn": "string",
- "enc": "string",
- "imc": "string",
- "imv": "string",
- "pts": "string",
- "tls": "string",
- "esp": "string",
- "lib": "string"
}, - "async_crypto": true,
- "uniqueids": "string",
- "filtermode": "string",
- "bypassrules": {
- "rules": [
- {
- "source": "string",
- "sourcemask": "string",
- "destination": "string",
- "dstmask": "string"
}
]
}, - "pkcs11support": true,
- "enableinterfacesuse": true,
- "unityplugin": true,
- "strictcrlpolicy": true,
- "makebeforebreak": true,
- "ipsecbypass": true,
- "acceptunencryptedmainmode": true,
- "maxexchange": 0,
- "port_nat_t": 0,
- "port": 0,
- "compression": true,
- "noshuntlaninterfaces": true,
- "maxmss": "string",
- "dns_interval": 0,
- "ikev2_retransmit_enable": true,
- "ikev2_retransmit_tries": 0,
- "ikev2_retransmit_timeout": 0,
- "ikev2_retransmit_base": 0,
- "ikev2_retransmit_jitter": 0,
- "ikev2_retransmit_limit": 0
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "client": {
- "enable": true,
- "radiusaccounting": true,
- "user_source": "string",
- "user_source_array": [
- "string"
], - "group_source": true,
- "auth_groups": "string",
- "auth_groups_array": [
- "string"
], - "pool_address": "string",
- "pool_netbits": "string",
- "pool_address_v6": "string",
- "pool_netbits_v6": "string",
- "net_list": true,
- "save_passwd": true,
- "dns_domain": "string",
- "dns_split": "string",
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "wins_server1": "string",
- "wins_server2": "string",
- "pfs_group": "string",
- "login_banner": "string",
- "radius_ip_priority_enable": true,
- "radius_retransmit_base": "string",
- "radius_retransmit_timeout": "string",
- "radius_retransmit_tries": "string",
- "radius_sockets": "string"
}, - "user_groups": [
- {
- "name": "string",
- "description": "string",
- "scope": "string",
- "gid": 0,
- "members": [
- 0
], - "privs": [
- "string"
]
}
], - "auth_servers": {
- "active_type": "string",
- "active_name": "string",
- "ldap": [
- {
- "type": "string",
- "name": "string",
- "host": "string",
- "version": 0,
- "port": 0,
- "transport": "string",
- "timeout": 0,
- "search_scope": "string",
- "base_dn": "string",
- "auth_containers": "string",
- "extended_query": "string",
- "extended_enabled": true,
- "bind_user_dn": "string",
- "bind_password": "string",
- "user_naming_attrib": "string",
- "group_naming_attrib": "string",
- "group_member_attrib": "string",
- "rfc2307": true,
- "rfc2307_group_class": "string",
- "rfc2307_use_userdn": true,
- "rfc2307_group_use_basedn": true,
- "shell_group_dn": "string",
- "username_alterations": true,
- "utf8_encode": true,
- "unauthenticated_bind": true,
- "no_strip_at": true,
- "caref": "string",
- "certref": "string",
- "refid": "string",
- "nexus_group_prefix": "string"
}
], - "radius": [
- {
- "type": "string",
- "name": "string",
- "host": "string",
- "protocol": "string",
- "nasip_attribute": "string",
- "secret": "string",
- "timeout": 0,
- "auth_port": 0,
- "acct_port": 0,
- "refid": "string"
}
], - "saml": [
- {
- "type": "string",
- "name": "string",
- "enable": true,
- "entity_id": "string",
- "acs_url": "string",
- "metadata_url": "string",
- "idp_entity_id": "string",
- "idp_sso_url": "string",
- "idp_cert_pem": "string",
- "sp_cert_pem": "string",
- "sp_key_pem": "string",
- "sign_requests": true,
- "user_attr": "string",
- "group_attr": "string",
- "session_timeout": 0,
- "group_map": {
- "property1": "string",
- "property2": "string"
}
}
], - "local": {
- "name": "string",
- "type": "string",
- "host": "string"
}, - "radius_nas_list": [
- {
- "value": "string",
- "text": "string"
}
]
}
}| enable required | boolean |
| radiusaccounting | boolean |
| user_source | string |
| user_source_array | Array of strings |
| group_source | boolean |
| auth_groups | string |
| auth_groups_array | Array of strings |
| pool_address | string |
| pool_netbits | string |
| pool_address_v6 | string |
| pool_netbits_v6 | string |
| net_list | boolean |
| save_passwd | boolean |
| dns_domain | string |
| dns_split | string |
| dns_server1 | string |
| dns_server2 | string |
| dns_server3 | string |
| dns_server4 | string |
| wins_server1 | string |
| wins_server2 | string |
| pfs_group | string |
| login_banner | string |
| radius_ip_priority_enable | boolean |
| radius_retransmit_base | string |
| radius_retransmit_timeout | string |
| radius_retransmit_tries | string |
| radius_sockets | string |
{- "enable": true,
- "radiusaccounting": true,
- "user_source": "string",
- "user_source_array": [
- "string"
], - "group_source": true,
- "auth_groups": "string",
- "auth_groups_array": [
- "string"
], - "pool_address": "string",
- "pool_netbits": "string",
- "pool_address_v6": "string",
- "pool_netbits_v6": "string",
- "net_list": true,
- "save_passwd": true,
- "dns_domain": "string",
- "dns_split": "string",
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "wins_server1": "string",
- "wins_server2": "string",
- "pfs_group": "string",
- "login_banner": "string",
- "radius_ip_priority_enable": true,
- "radius_retransmit_base": "string",
- "radius_retransmit_timeout": "string",
- "radius_retransmit_tries": "string",
- "radius_sockets": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| id | string generated by system when create group pool |
| ident required | Array of strings |
| pool_address required | string must be ipv4 address |
| pool_netbits required | integer [ 0 .. 32 ] subnet for the pool address |
| dns_address | string optional, if used, must be ipv4 address |
{- "id": "string",
- "ident": [
- "string"
], - "pool_address": "string",
- "pool_netbits": 32,
- "dns_address": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| id required | string |
| id | string generated by system when create group pool |
| ident required | Array of strings |
| pool_address required | string must be ipv4 address |
| pool_netbits required | integer [ 0 .. 32 ] subnet for the pool address |
| dns_address | string optional, if used, must be ipv4 address |
{- "id": "string",
- "ident": [
- "string"
], - "pool_address": "string",
- "pool_netbits": 32,
- "dns_address": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| connect_p1 | boolean |
| p1_ikeid | string |
| connect_p2 | boolean |
| p2_reqid | string |
{- "connect_p1": true,
- "p1_ikeid": "string",
- "connect_p2": true,
- "p2_reqid": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| phase | string Enum: "1" "2" |
| conid | string |
| uniqueid | string |
{- "phase": "1",
- "conid": "string",
- "uniqueid": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "installed": true,
- "mobile_p1_exist": true,
- "mobile_p2_exist": true,
- "mobile_p2_is_tunnel": true,
- "mobile_p1_descr": "string",
- "mobile_p1_authmethod": "string",
- "system_hostname": "string",
- "server_addresses": [
- "string"
], - "vpnclients": [
- {
- "value": "string",
- "text": "string"
}
]
}| target required | string |
| name | string the name of the VPN |
| server_address | string the server address to be used by the client |
| server_hostname | string address to which clients will connect when server_address value is "Custom Hostname" |
| vpnclient | string (for target apple) the client to export |
| external_username | string (for target apple) this is the username when vpnclient value is " |
| user_certref | string (for target windows) the TLS client certificate to include in the download archive |
| download | boolean indicate whether response http header Content-Disposition is set as attachment for front-end to download the exported profile |
{- "name": "string",
- "server_address": "string",
- "server_hostname": "string",
- "vpnclient": "string",
- "external_username": "string",
- "user_certref": "string",
- "download": true
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}| ident | string |
| type | string |
| pre_shared_key | string |
| ident_type | string |
| pool_address | string |
| pool_netbits | string |
| dns_address | string |
{- "ident": "string",
- "type": "string",
- "pre_shared_key": "string",
- "ident_type": "string",
- "pool_address": "string",
- "pool_netbits": "string",
- "dns_address": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| ident | string |
| type | string |
| pre_shared_key | string |
| ident_type | string |
| pool_address | string |
| pool_netbits | string |
| dns_address | string |
{- "ident": "string",
- "type": "string",
- "pre_shared_key": "string",
- "ident_type": "string",
- "pool_address": "string",
- "pool_netbits": "string",
- "dns_address": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| ikeid | string |
| iketype required | string |
| interface | string |
| remote_gateway | string |
| protocol | string |
| myid_type | string |
| myid_data | string |
| peerid_type | string |
| peerid_data | string |
object (Phase1Encryption) | |
| lifetime | integer |
| rekey_time | integer |
| reauth_time | integer |
| rand_time | integer |
| pre_shared_key | string |
| private_key | string |
| certref | string |
| pkcs11certref | string |
| pkcs11pin | string |
| caref | string |
| authentication_method | string |
| descr | string |
| nat_traversal | string |
| mobike | string |
| startaction | string |
| closeaction | string |
| dpd_delay | integer |
| dpd_maxfail | integer |
| prfselect_enable | boolean |
| gw_duplicates | boolean |
| mobile | boolean |
| disabled | boolean |
{- "ikeid": "string",
- "iketype": "string",
- "interface": "string",
- "remote_gateway": "string",
- "protocol": "string",
- "myid_type": "string",
- "myid_data": "string",
- "peerid_type": "string",
- "peerid_data": "string",
- "encryption": {
- "item": [
- {
- "encryption_algorithm": {
- "name": "string",
- "keylen": "string"
}, - "hash_algorithm": "string",
- "prf_algorithm": "string",
- "dhgroup": "string"
}
]
}, - "lifetime": 0,
- "rekey_time": 0,
- "reauth_time": 0,
- "rand_time": 0,
- "pre_shared_key": "string",
- "private_key": "string",
- "certref": "string",
- "pkcs11certref": "string",
- "pkcs11pin": "string",
- "caref": "string",
- "authentication_method": "string",
- "descr": "string",
- "nat_traversal": "string",
- "mobike": "string",
- "startaction": "string",
- "closeaction": "string",
- "dpd_delay": 0,
- "dpd_maxfail": 0,
- "prfselect_enable": true,
- "gw_duplicates": true,
- "mobile": true,
- "disabled": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| ikeid required | string |
| ikeid | string |
| iketype required | string |
| interface | string |
| remote_gateway | string |
| protocol | string |
| myid_type | string |
| myid_data | string |
| peerid_type | string |
| peerid_data | string |
object (Phase1Encryption) | |
| lifetime | integer |
| rekey_time | integer |
| reauth_time | integer |
| rand_time | integer |
| pre_shared_key | string |
| private_key | string |
| certref | string |
| pkcs11certref | string |
| pkcs11pin | string |
| caref | string |
| authentication_method | string |
| descr | string |
| nat_traversal | string |
| mobike | string |
| startaction | string |
| closeaction | string |
| dpd_delay | integer |
| dpd_maxfail | integer |
| prfselect_enable | boolean |
| gw_duplicates | boolean |
| mobile | boolean |
| disabled | boolean |
{- "ikeid": "string",
- "iketype": "string",
- "interface": "string",
- "remote_gateway": "string",
- "protocol": "string",
- "myid_type": "string",
- "myid_data": "string",
- "peerid_type": "string",
- "peerid_data": "string",
- "encryption": {
- "item": [
- {
- "encryption_algorithm": {
- "name": "string",
- "keylen": "string"
}, - "hash_algorithm": "string",
- "prf_algorithm": "string",
- "dhgroup": "string"
}
]
}, - "lifetime": 0,
- "rekey_time": 0,
- "reauth_time": 0,
- "rand_time": 0,
- "pre_shared_key": "string",
- "private_key": "string",
- "certref": "string",
- "pkcs11certref": "string",
- "pkcs11pin": "string",
- "caref": "string",
- "authentication_method": "string",
- "descr": "string",
- "nat_traversal": "string",
- "mobike": "string",
- "startaction": "string",
- "closeaction": "string",
- "dpd_delay": 0,
- "dpd_maxfail": 0,
- "prfselect_enable": true,
- "gw_duplicates": true,
- "mobile": true,
- "disabled": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| ikeid | string |
| uniqid | string |
| mode | string |
| reqid | string |
object (Phase2LocalId) | |
object (Phase2RemoteId) | |
| protocol | string |
Array of objects (EncryptionAlgorithm) | |
| hash_algorithm_option | Array of strings |
| pfsgroup | string |
| lifetime | integer |
| rekey_time | integer |
| rand_time | integer |
| pinghost | string |
| keepalive | boolean |
| mobile | boolean |
| disabled | boolean |
| descr | string |
{- "ikeid": "string",
- "uniqid": "string",
- "mode": "string",
- "reqid": "string",
- "localid": {
- "type": "string",
- "address": "string",
- "netbits": "string"
}, - "remoteid": {
- "type": "string",
- "address": "string",
- "netbits": "string"
}, - "protocol": "string",
- "encryption_algorithm_option": [
- {
- "name": "string",
- "keylen": "string"
}
], - "hash_algorithm_option": [
- "string"
], - "pfsgroup": "string",
- "lifetime": 0,
- "rekey_time": 0,
- "rand_time": 0,
- "pinghost": "string",
- "keepalive": true,
- "mobile": true,
- "disabled": true,
- "descr": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| reqid required | string |
| ikeid | string |
| uniqid | string |
| mode | string |
| reqid | string |
object (Phase2LocalId) | |
object (Phase2RemoteId) | |
| protocol | string |
Array of objects (EncryptionAlgorithm) | |
| hash_algorithm_option | Array of strings |
| pfsgroup | string |
| lifetime | integer |
| rekey_time | integer |
| rand_time | integer |
| pinghost | string |
| keepalive | boolean |
| mobile | boolean |
| disabled | boolean |
| descr | string |
{- "ikeid": "string",
- "uniqid": "string",
- "mode": "string",
- "reqid": "string",
- "localid": {
- "type": "string",
- "address": "string",
- "netbits": "string"
}, - "remoteid": {
- "type": "string",
- "address": "string",
- "netbits": "string"
}, - "protocol": "string",
- "encryption_algorithm_option": [
- {
- "name": "string",
- "keylen": "string"
}
], - "hash_algorithm_option": [
- "string"
], - "pfsgroup": "string",
- "lifetime": 0,
- "rekey_time": 0,
- "rand_time": 0,
- "pinghost": "string",
- "keepalive": true,
- "mobile": true,
- "disabled": true,
- "descr": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "enabled": true,
- "daemon_running": true,
- "status": {
- "list_sa": [
- {
- "name": "string",
- "uniqueid": "string",
- "version": 0,
- "state": "string",
- "local_host": "string",
- "local_port": "string",
- "local_id": "string",
- "remote_host": "string",
- "remote_port": "string",
- "remote_id": "string",
- "initiator": "string",
- "initiator_spi": "string",
- "responder_spi": "string",
- "encr_alg": "string",
- "encr_keysize": 0,
- "integ_alg": "string",
- "integ_keysize": 0,
- "prf_alg": "string",
- "dh_group": "string",
- "established": 0,
- "rekey_time": 0,
- "reauth_time": 0,
- "childsas": [
- {
- "name": "string",
- "uniqueid": "string",
- "reqid": "string",
- "state": "string",
- "mode": "string",
- "protocol": "string",
- "encap": "string",
- "spi_in": "string",
- "spi_out": "string",
- "cpi_in": "string",
- "cpi_out": "string",
- "mark_in": "string",
- "mark_mask_in": "string",
- "mark_out": "string",
- "mark_mask_out": "string",
- "if_id_in": "string",
- "if_id_out": "string",
- "label": "string",
- "encr_alg": "string",
- "encr_keysize": "string",
- "integ_alg": "string",
- "integ_keysize": "string",
- "prf_alg": "string",
- "dh_group": "string",
- "esn": "string",
- "bytes_in": 0,
- "packets_in": 0,
- "use_in": 0,
- "bytes_out": 0,
- "packets_out": 0,
- "use_out": 0,
- "rekey_time": 0,
- "life_time": 0,
- "install_time": 0,
- "local_ts": [
- "string"
], - "remote_ts": [
- "string"
]
}
]
}
], - "phases": {
- "phase1": [
- {
- "ikeid": "string",
- "iketype": "string",
- "interface": "string",
- "remote_gateway": "string",
- "protocol": "string",
- "myid_type": "string",
- "myid_data": "string",
- "peerid_type": "string",
- "peerid_data": "string",
- "encryption": {
- "item": [
- {
- "encryption_algorithm": {
- "name": "string",
- "keylen": "string"
}, - "hash_algorithm": "string",
- "prf_algorithm": "string",
- "dhgroup": "string"
}
]
}, - "lifetime": 0,
- "rekey_time": 0,
- "reauth_time": 0,
- "rand_time": 0,
- "pre_shared_key": "string",
- "private_key": "string",
- "certref": "string",
- "pkcs11certref": "string",
- "pkcs11pin": "string",
- "caref": "string",
- "authentication_method": "string",
- "descr": "string",
- "nat_traversal": "string",
- "mobike": "string",
- "startaction": "string",
- "closeaction": "string",
- "dpd_delay": 0,
- "dpd_maxfail": 0,
- "prfselect_enable": true,
- "gw_duplicates": true,
- "mobile": true,
- "disabled": true
}
], - "phase2": [
- {
- "ikeid": "string",
- "uniqid": "string",
- "mode": "string",
- "reqid": "string",
- "localid": {
- "type": "string",
- "address": "string",
- "netbits": "string"
}, - "remoteid": {
- "type": "string",
- "address": "string",
- "netbits": "string"
}, - "protocol": "string",
- "encryption_algorithm_option": [
- {
- "name": "string",
- "keylen": "string"
}
], - "hash_algorithm_option": [
- "string"
], - "pfsgroup": "string",
- "lifetime": 0,
- "rekey_time": 0,
- "rand_time": 0,
- "pinghost": "string",
- "keepalive": true,
- "mobile": true,
- "disabled": true,
- "descr": "string"
}
], - "ipsec_capable_ifs": [
- {
- "if_identity": "string",
- "if_assigned_name": "string"
}
]
}
}, - "lease": [
- {
- "name": "string",
- "base": "string",
- "online": "string",
- "offline": "string",
- "size": "string",
- "lease": [
- {
- "host": "string",
- "status": "string",
- "id": "string"
}
]
}
], - "sads": [
- {
- "src": "string",
- "dst": "string",
- "proto": "string",
- "spi": "string",
- "reqid": "string",
- "ealgo": "string",
- "aalgo": "string",
- "data": "string"
}
], - "spds": [
- {
- "dir": "string",
- "scope": "string",
- "ifname": "string",
- "srcid": "string",
- "dstid": "string",
- "proto": "string",
- "src": "string",
- "dst": "string",
- "unique": "string"
}
]
}{- "l2tp": {
- "mode": "string",
- "radius": {
- "server": "string",
- "secret": "string",
- "enable": true,
- "accounting": true,
- "radiusissueips": true
}, - "remoteip": "string",
- "localip": "string",
- "l2tp_subnet": "string",
- "interface": "string",
- "n_l2tp_units": "string",
- "secret": "string",
- "paporchap": "string",
- "dns1": "string",
- "dns2": "string",
- "mtu": 0,
- "user": [
- {
- "name": "string",
- "ip": "string",
- "password": "string"
}
]
}, - "interfaces": [
- "string"
]
}| mode required | string |
object (L2TPRadius) | |
| remoteip | string |
| localip | string |
| l2tp_subnet | string |
| interface | string |
| n_l2tp_units | string |
| secret | string |
| paporchap | string |
| dns1 | string |
| dns2 | string |
| mtu | integer defaults to 1500 in most cases if not provided (valid values 576-9000) |
Array of objects (L2TPUser) |
{- "mode": "string",
- "radius": {
- "server": "string",
- "secret": "string",
- "enable": true,
- "accounting": true,
- "radiusissueips": true
}, - "remoteip": "string",
- "localip": "string",
- "l2tp_subnet": "string",
- "interface": "string",
- "n_l2tp_units": "string",
- "secret": "string",
- "paporchap": "string",
- "dns1": "string",
- "dns2": "string",
- "mtu": 0,
- "user": [
- {
- "name": "string",
- "ip": "string",
- "password": "string"
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "config": [
- {
- "server": "string",
- "useaddr": "string",
- "useaddr_hostname": "string",
- "verifyservercn": "auto",
- "blockoutsidedns": true,
- "legacy": true,
- "silent": true,
- "bindmode": "nobind",
- "usepkcs11": true,
- "pkcs11providers": [
- "string"
], - "pkcs11id": "string",
- "usetoken": true,
- "usepass": true,
- "pass": "string",
- "p12encryption": "high",
- "useproxy": true,
- "useproxytype": "string",
- "proxyaddr": "string",
- "proxyport": "string",
- "useproxypass": "string",
- "proxyuser": "string",
- "proxypass": "string",
- "advancedoptions": "string"
}
], - "server_list": [
- {
- "vpnid": "string",
- "desc": "string",
- "mode": "string",
- "user_list": [
- {
- "userid": "string",
- "certid": "string",
- "name": "string",
- "certname": "string"
}
], - "cert_list": [
- {
- "userid": "string",
- "certid": "string",
- "name": "string",
- "certname": "string"
}
]
}
], - "useaddr_list": [
- {
- "value": "string",
- "text": "string"
}
]
}| server | string vpnid of a openvpn server in remote access mode |
| useaddr | string host name resolution, the format of remote directive entries uses in client configuration files |
| useaddr_hostname | string when useaddr is "other", this specify the hostname or ip address the client will use to connect to this server |
| verifyservercn | string Enum: "auto" "none" verify server common name |
| blockoutsidedns | boolean block outside dns |
| legacy | boolean do not include openvpn 2.5 and later settings in the client configuration |
| silent | boolean create a silent windows installer for unattended deploy |
| bindmode | string Enum: "nobind" "lport0" "bind" bind mode |
| usepkcs11 | boolean use pkcs11 storage device |
| pkcs11providers | Array of strings |
| pkcs11id | string when usepkcs11 is true, specify the object's id on the pkcs11 device |
| usetoken | boolean use microsoft certificate storage instead of local files |
| usepass | boolean use a password to protect the pkcs12 file contents or key in viscosity bundle |
| pass | string when usepass is true, specify the password used to protect the certificate file contents |
| p12encryption | string Enum: "high" "low" "legacy" level of encryption |
| useproxy | boolean use proxy to communicate with the openvpn server |
| useproxytype | string when useproxy is true, specify proxy type (http or socks) |
| proxyaddr | string when useproxy is true, specify hostname or ip address of proxy server |
| proxyport | string when useproxy is true, specify proxy server's port |
| useproxypass | string when useproxy is true, specify proxy authentication method (none, basic, ntlm) |
| proxyuser | string when useproxy is true, specify username for authentication to proxy |
| proxypass | string when useproxy is true, specify password for authentication to proxy |
| advancedoptions | string base64 encoded of additional options to add to the openvpn client export configuration |
{- "server": "string",
- "useaddr": "string",
- "useaddr_hostname": "string",
- "verifyservercn": "auto",
- "blockoutsidedns": true,
- "legacy": true,
- "silent": true,
- "bindmode": "nobind",
- "usepkcs11": true,
- "pkcs11providers": [
- "string"
], - "pkcs11id": "string",
- "usetoken": true,
- "usepass": true,
- "pass": "string",
- "p12encryption": "high",
- "useproxy": true,
- "useproxytype": "string",
- "proxyaddr": "string",
- "proxyport": "string",
- "useproxypass": "string",
- "proxyuser": "string",
- "proxypass": "string",
- "advancedoptions": "string"
}{- "result": "string"
}object (OpenVPNClientExportConfig) | |
| type | string |
| userid | string |
| certid | string |
{- "config": {
- "server": "string",
- "useaddr": "string",
- "useaddr_hostname": "string",
- "verifyservercn": "auto",
- "blockoutsidedns": true,
- "legacy": true,
- "silent": true,
- "bindmode": "nobind",
- "usepkcs11": true,
- "pkcs11providers": [
- "string"
], - "pkcs11id": "string",
- "usetoken": true,
- "usepass": true,
- "pass": "string",
- "p12encryption": "high",
- "useproxy": true,
- "useproxytype": "string",
- "proxyaddr": "string",
- "proxyport": "string",
- "useproxypass": "string",
- "proxyuser": "string",
- "proxypass": "string",
- "advancedoptions": "string"
}, - "type": "string",
- "userid": "string",
- "certid": "string"
}{- "errcode": 0,
- "errlevel": "string",
- "errmsg": "string",
- "alerts": {
- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}
}| ovpn_config | string base64 encoded content of the ovpn file |
| disable | boolean disable the client after import |
| server_mode | string server mode of the openvpn client |
| descr | string |
| if_ident | string interface used to originate this openvpn client connection |
| username | string username if the imported tunnel requires username/password authentication |
| password | string base64 encoded password if the imported tunnel requires username/password authentication |
{- "ovpn_config": "string",
- "disable": true,
- "server_mode": "string",
- "descr": "string",
- "if_ident": "string",
- "username": "string",
- "password": "string"
}{- "result": "string"
}{- "clients": [
- {
- "vpnid": "string",
- "disable": true,
- "dco": true,
- "protocol": "string",
- "dev_mode": "string",
- "interface": "string",
- "ipaddr": "string",
- "local_port": 0,
- "server_addr": "string",
- "server_port": "string",
- "proxy_addr": "string",
- "proxy_port": "string",
- "proxy_authtype": "string",
- "description": "string",
- "mode": "string",
- "topology": "string",
- "custom_options": "string",
- "caref": "string",
- "certref": "string",
- "crlref": "string",
- "tlsauth_enable": true,
- "autokey_enable": true,
- "autotls_enable": true,
- "tls": "string",
- "tls_type": "string",
- "tlsauth_keydir": "string",
- "remote_cert_tls": true,
- "shared_key": "string",
- "digest": "string",
- "tunnel_network": "string",
- "tunnel_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "use_shaper": "string",
- "allow_compression": "string",
- "compression": "string",
- "auth_retry_none": true,
- "passtos": true,
- "udp_fast_io": true,
- "exit_notify": "string",
- "sndrcvbuf": "string",
- "route_no_pull": true,
- "route_no_exec": true,
- "dns_add": true,
- "verbosity_level": "string",
- "create_gw": "string",
- "dh_length": "string",
- "data_ciphers": [
- "string"
], - "data_ciphers_fallback": "string",
- "ping_method": "string",
- "keepalive_interval": "string",
- "keepalive_timeout": "string",
- "ping_seconds": "string",
- "ping_action": "string",
- "ping_action_seconds": "string",
- "inactive_seconds": "string"
}
], - "openvpn_capable_ifs": [
- {
- "if_identity": "string",
- "if_assigned_name": "string"
}
]
}| vpnid | string generated by system when create openvpn server |
| disable | boolean |
| dco | boolean |
| protocol | string |
| dev_mode | string |
| interface | string |
| ipaddr | string |
| local_port | integer |
| server_addr | string |
| server_port | string |
| proxy_addr | string |
| proxy_port | string |
| proxy_authtype | string |
| description | string |
| mode | string |
| topology | string |
| custom_options | string |
| caref | string |
| certref | string |
| crlref | string |
| tlsauth_enable | boolean |
| autokey_enable | boolean |
| autotls_enable | boolean |
| tls | string OpenVPN TLS key |
| tls_type | string "auth" or "crypt" |
| tlsauth_keydir | string |
| remote_cert_tls | boolean |
| shared_key | string |
| digest | string |
| tunnel_network | string |
| tunnel_networkv6 | string |
| remote_network | string |
| remote_networkv6 | string |
| use_shaper | string |
| allow_compression | string "asym", "yes", "no" |
| compression | string |
| auth_retry_none | boolean |
| passtos | boolean |
| udp_fast_io | boolean |
| exit_notify | string |
| sndrcvbuf | string |
| route_no_pull | boolean |
| route_no_exec | boolean |
| dns_add | boolean |
| verbosity_level | string |
| create_gw | string |
| dh_length | string |
| data_ciphers | Array of strings |
| data_ciphers_fallback | string |
| ping_method | string |
| keepalive_interval | string |
| keepalive_timeout | string |
| ping_seconds | string |
| ping_action | string |
| ping_action_seconds | string |
| inactive_seconds | string |
{- "vpnid": "string",
- "disable": true,
- "dco": true,
- "protocol": "string",
- "dev_mode": "string",
- "interface": "string",
- "ipaddr": "string",
- "local_port": 0,
- "server_addr": "string",
- "server_port": "string",
- "proxy_addr": "string",
- "proxy_port": "string",
- "proxy_authtype": "string",
- "description": "string",
- "mode": "string",
- "topology": "string",
- "custom_options": "string",
- "caref": "string",
- "certref": "string",
- "crlref": "string",
- "tlsauth_enable": true,
- "autokey_enable": true,
- "autotls_enable": true,
- "tls": "string",
- "tls_type": "string",
- "tlsauth_keydir": "string",
- "remote_cert_tls": true,
- "shared_key": "string",
- "digest": "string",
- "tunnel_network": "string",
- "tunnel_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "use_shaper": "string",
- "allow_compression": "string",
- "compression": "string",
- "auth_retry_none": true,
- "passtos": true,
- "udp_fast_io": true,
- "exit_notify": "string",
- "sndrcvbuf": "string",
- "route_no_pull": true,
- "route_no_exec": true,
- "dns_add": true,
- "verbosity_level": "string",
- "create_gw": "string",
- "dh_length": "string",
- "data_ciphers": [
- "string"
], - "data_ciphers_fallback": "string",
- "ping_method": "string",
- "keepalive_interval": "string",
- "keepalive_timeout": "string",
- "ping_seconds": "string",
- "ping_action": "string",
- "ping_action_seconds": "string",
- "inactive_seconds": "string"
}{- "vpnid": "string"
}{- "client": {
- "vpnid": "string",
- "disable": true,
- "dco": true,
- "protocol": "string",
- "dev_mode": "string",
- "interface": "string",
- "ipaddr": "string",
- "local_port": 0,
- "server_addr": "string",
- "server_port": "string",
- "proxy_addr": "string",
- "proxy_port": "string",
- "proxy_authtype": "string",
- "description": "string",
- "mode": "string",
- "topology": "string",
- "custom_options": "string",
- "caref": "string",
- "certref": "string",
- "crlref": "string",
- "tlsauth_enable": true,
- "autokey_enable": true,
- "autotls_enable": true,
- "tls": "string",
- "tls_type": "string",
- "tlsauth_keydir": "string",
- "remote_cert_tls": true,
- "shared_key": "string",
- "digest": "string",
- "tunnel_network": "string",
- "tunnel_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "use_shaper": "string",
- "allow_compression": "string",
- "compression": "string",
- "auth_retry_none": true,
- "passtos": true,
- "udp_fast_io": true,
- "exit_notify": "string",
- "sndrcvbuf": "string",
- "route_no_pull": true,
- "route_no_exec": true,
- "dns_add": true,
- "verbosity_level": "string",
- "create_gw": "string",
- "dh_length": "string",
- "data_ciphers": [
- "string"
], - "data_ciphers_fallback": "string",
- "ping_method": "string",
- "keepalive_interval": "string",
- "keepalive_timeout": "string",
- "ping_seconds": "string",
- "ping_action": "string",
- "ping_action_seconds": "string",
- "inactive_seconds": "string"
}
}| vpnid required | string |
| vpnid | string generated by system when create openvpn server |
| disable | boolean |
| dco | boolean |
| protocol | string |
| dev_mode | string |
| interface | string |
| ipaddr | string |
| local_port | integer |
| server_addr | string |
| server_port | string |
| proxy_addr | string |
| proxy_port | string |
| proxy_authtype | string |
| description | string |
| mode | string |
| topology | string |
| custom_options | string |
| caref | string |
| certref | string |
| crlref | string |
| tlsauth_enable | boolean |
| autokey_enable | boolean |
| autotls_enable | boolean |
| tls | string OpenVPN TLS key |
| tls_type | string "auth" or "crypt" |
| tlsauth_keydir | string |
| remote_cert_tls | boolean |
| shared_key | string |
| digest | string |
| tunnel_network | string |
| tunnel_networkv6 | string |
| remote_network | string |
| remote_networkv6 | string |
| use_shaper | string |
| allow_compression | string "asym", "yes", "no" |
| compression | string |
| auth_retry_none | boolean |
| passtos | boolean |
| udp_fast_io | boolean |
| exit_notify | string |
| sndrcvbuf | string |
| route_no_pull | boolean |
| route_no_exec | boolean |
| dns_add | boolean |
| verbosity_level | string |
| create_gw | string |
| dh_length | string |
| data_ciphers | Array of strings |
| data_ciphers_fallback | string |
| ping_method | string |
| keepalive_interval | string |
| keepalive_timeout | string |
| ping_seconds | string |
| ping_action | string |
| ping_action_seconds | string |
| inactive_seconds | string |
{- "vpnid": "string",
- "disable": true,
- "dco": true,
- "protocol": "string",
- "dev_mode": "string",
- "interface": "string",
- "ipaddr": "string",
- "local_port": 0,
- "server_addr": "string",
- "server_port": "string",
- "proxy_addr": "string",
- "proxy_port": "string",
- "proxy_authtype": "string",
- "description": "string",
- "mode": "string",
- "topology": "string",
- "custom_options": "string",
- "caref": "string",
- "certref": "string",
- "crlref": "string",
- "tlsauth_enable": true,
- "autokey_enable": true,
- "autotls_enable": true,
- "tls": "string",
- "tls_type": "string",
- "tlsauth_keydir": "string",
- "remote_cert_tls": true,
- "shared_key": "string",
- "digest": "string",
- "tunnel_network": "string",
- "tunnel_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "use_shaper": "string",
- "allow_compression": "string",
- "compression": "string",
- "auth_retry_none": true,
- "passtos": true,
- "udp_fast_io": true,
- "exit_notify": "string",
- "sndrcvbuf": "string",
- "route_no_pull": true,
- "route_no_exec": true,
- "dns_add": true,
- "verbosity_level": "string",
- "create_gw": "string",
- "dh_length": "string",
- "data_ciphers": [
- "string"
], - "data_ciphers_fallback": "string",
- "ping_method": "string",
- "keepalive_interval": "string",
- "keepalive_timeout": "string",
- "ping_seconds": "string",
- "ping_action": "string",
- "ping_action_seconds": "string",
- "inactive_seconds": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "cscs": [
- {
- "id": "string",
- "disable": true,
- "server_list": [
- "string"
], - "override_options": "string",
- "remove_options": [
- "string"
], - "common_name": "string",
- "block": true,
- "description": "string",
- "tunnel_network": "string",
- "tunnel_networkv6": "string",
- "local_network": "string",
- "local_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "gwredir": true,
- "push_reset": true,
- "push_blockoutsidedns": true,
- "push_register_dns": true,
- "keep_minimum": true,
- "remove_route": true,
- "dns_domain_enable": true,
- "dns_domain": "string",
- "dns_server_enable": true,
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "ntp_server_enable": true,
- "ntp_server1": "string",
- "ntp_server2": "string",
- "ntp_server3": "string",
- "ntp_server4": "string",
- "netbios_enable": true,
- "netbios_ntype": "string",
- "netbios_scope": "string",
- "wins_server_enable": true,
- "wins_server1": "string",
- "wins_server2": "string",
- "nbdd_server_enable": true,
- "nbdd_server1": "string",
- "nbdd_server2": "string",
- "ping_action": "string",
- "ping_seconds": "string",
- "ping_action_seconds": "string",
- "inactive_seconds": 0,
- "custom_options": "string"
}
], - "removable_options": [
- {
- "value": "string",
- "text": "string"
}
]
}| id | string generated by system when create openvpn client specific override |
| disable | boolean |
| server_list | Array of strings |
| override_options | string default, push_reset, or remove_specified |
| remove_options | Array of strings |
| common_name required | string |
| block | boolean |
| description | string |
| tunnel_network | string |
| tunnel_networkv6 | string |
| local_network | string |
| local_networkv6 | string |
| remote_network | string |
| remote_networkv6 | string |
| gwredir | boolean |
| push_reset | boolean |
| push_blockoutsidedns | boolean |
| push_register_dns | boolean |
| keep_minimum | boolean |
| remove_route | boolean |
| dns_domain_enable | boolean |
| dns_domain | string |
| dns_server_enable | boolean |
| dns_server1 | string |
| dns_server2 | string |
| dns_server3 | string |
| dns_server4 | string |
| ntp_server_enable | boolean |
| ntp_server1 | string |
| ntp_server2 | string |
| ntp_server3 | string |
| ntp_server4 | string |
| netbios_enable | boolean |
| netbios_ntype | string |
| netbios_scope | string |
| wins_server_enable | boolean |
| wins_server1 | string |
| wins_server2 | string |
| nbdd_server_enable | boolean |
| nbdd_server1 | string |
| nbdd_server2 | string |
| ping_action | string |
| ping_seconds | string |
| ping_action_seconds | string |
| inactive_seconds | integer |
| custom_options | string |
{- "id": "string",
- "disable": true,
- "server_list": [
- "string"
], - "override_options": "string",
- "remove_options": [
- "string"
], - "common_name": "string",
- "block": true,
- "description": "string",
- "tunnel_network": "string",
- "tunnel_networkv6": "string",
- "local_network": "string",
- "local_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "gwredir": true,
- "push_reset": true,
- "push_blockoutsidedns": true,
- "push_register_dns": true,
- "keep_minimum": true,
- "remove_route": true,
- "dns_domain_enable": true,
- "dns_domain": "string",
- "dns_server_enable": true,
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "ntp_server_enable": true,
- "ntp_server1": "string",
- "ntp_server2": "string",
- "ntp_server3": "string",
- "ntp_server4": "string",
- "netbios_enable": true,
- "netbios_ntype": "string",
- "netbios_scope": "string",
- "wins_server_enable": true,
- "wins_server1": "string",
- "wins_server2": "string",
- "nbdd_server_enable": true,
- "nbdd_server1": "string",
- "nbdd_server2": "string",
- "ping_action": "string",
- "ping_seconds": "string",
- "ping_action_seconds": "string",
- "inactive_seconds": 0,
- "custom_options": "string"
}{- "id": "string"
}{- "csc": {
- "id": "string",
- "disable": true,
- "server_list": [
- "string"
], - "override_options": "string",
- "remove_options": [
- "string"
], - "common_name": "string",
- "block": true,
- "description": "string",
- "tunnel_network": "string",
- "tunnel_networkv6": "string",
- "local_network": "string",
- "local_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "gwredir": true,
- "push_reset": true,
- "push_blockoutsidedns": true,
- "push_register_dns": true,
- "keep_minimum": true,
- "remove_route": true,
- "dns_domain_enable": true,
- "dns_domain": "string",
- "dns_server_enable": true,
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "ntp_server_enable": true,
- "ntp_server1": "string",
- "ntp_server2": "string",
- "ntp_server3": "string",
- "ntp_server4": "string",
- "netbios_enable": true,
- "netbios_ntype": "string",
- "netbios_scope": "string",
- "wins_server_enable": true,
- "wins_server1": "string",
- "wins_server2": "string",
- "nbdd_server_enable": true,
- "nbdd_server1": "string",
- "nbdd_server2": "string",
- "ping_action": "string",
- "ping_seconds": "string",
- "ping_action_seconds": "string",
- "inactive_seconds": 0,
- "custom_options": "string"
}
}| id required | string |
| id | string generated by system when create openvpn client specific override |
| disable | boolean |
| server_list | Array of strings |
| override_options | string default, push_reset, or remove_specified |
| remove_options | Array of strings |
| common_name required | string |
| block | boolean |
| description | string |
| tunnel_network | string |
| tunnel_networkv6 | string |
| local_network | string |
| local_networkv6 | string |
| remote_network | string |
| remote_networkv6 | string |
| gwredir | boolean |
| push_reset | boolean |
| push_blockoutsidedns | boolean |
| push_register_dns | boolean |
| keep_minimum | boolean |
| remove_route | boolean |
| dns_domain_enable | boolean |
| dns_domain | string |
| dns_server_enable | boolean |
| dns_server1 | string |
| dns_server2 | string |
| dns_server3 | string |
| dns_server4 | string |
| ntp_server_enable | boolean |
| ntp_server1 | string |
| ntp_server2 | string |
| ntp_server3 | string |
| ntp_server4 | string |
| netbios_enable | boolean |
| netbios_ntype | string |
| netbios_scope | string |
| wins_server_enable | boolean |
| wins_server1 | string |
| wins_server2 | string |
| nbdd_server_enable | boolean |
| nbdd_server1 | string |
| nbdd_server2 | string |
| ping_action | string |
| ping_seconds | string |
| ping_action_seconds | string |
| inactive_seconds | integer |
| custom_options | string |
{- "id": "string",
- "disable": true,
- "server_list": [
- "string"
], - "override_options": "string",
- "remove_options": [
- "string"
], - "common_name": "string",
- "block": true,
- "description": "string",
- "tunnel_network": "string",
- "tunnel_networkv6": "string",
- "local_network": "string",
- "local_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "gwredir": true,
- "push_reset": true,
- "push_blockoutsidedns": true,
- "push_register_dns": true,
- "keep_minimum": true,
- "remove_route": true,
- "dns_domain_enable": true,
- "dns_domain": "string",
- "dns_server_enable": true,
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "ntp_server_enable": true,
- "ntp_server1": "string",
- "ntp_server2": "string",
- "ntp_server3": "string",
- "ntp_server4": "string",
- "netbios_enable": true,
- "netbios_ntype": "string",
- "netbios_scope": "string",
- "wins_server_enable": true,
- "wins_server1": "string",
- "wins_server2": "string",
- "nbdd_server_enable": true,
- "nbdd_server1": "string",
- "nbdd_server2": "string",
- "ping_action": "string",
- "ping_seconds": "string",
- "ping_action_seconds": "string",
- "inactive_seconds": 0,
- "custom_options": "string"
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "authservers": [
- "string"
], - "servers": [
- {
- "vpnid": "string",
- "dco": true,
- "mode": "string",
- "authmode": [
- "string"
], - "protocol": "string",
- "dev_mode": "string",
- "interface": "string",
- "local_port": 0,
- "description": "string",
- "tls": "string",
- "tls_type": "string",
- "certref": "string",
- "caref": "string",
- "crlref": "string",
- "dh_length": "string",
- "data_ciphers": [
- "string"
], - "data_ciphers_fallback": "string",
- "digest": "string",
- "engine": "string",
- "tunnel_network": "string",
- "local_network": "string",
- "maxclients": "string",
- "allow_compression": "string",
- "dynamic_ip": true,
- "topology": "string",
- "dns_domain": "string",
- "exit_notify": "string",
- "inactive_seconds": "string",
- "disable": true,
- "tlsauth_enable": true,
- "autotls_enable": true,
- "tlsauth_keydir": "string",
- "ocspcheck": true,
- "ocspurl": "string",
- "ecdh_curve": "string",
- "autokey_enable": true,
- "shared_key": "string",
- "cert_depth": "string",
- "remote_cert_tls": true,
- "tunnel_networkv6": "string",
- "serverbridge_dhcp": true,
- "serverbridge_interface": "string",
- "serverbridge_routegateway": true,
- "serverbridge_dhcp_start": "string",
- "serverbridge_dhcp_end": "string",
- "gwredir": true,
- "gwredir6": true,
- "local_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "compression": "string",
- "compression_push": true,
- "passtos": true,
- "client2client": true,
- "duplicate_cn": true,
- "ping_method": "string",
- "keepalive_interval": "string",
- "keepalive_timeout": "string",
- "ping_seconds": "string",
- "ping_push": true,
- "ping_action": "string",
- "ping_action_seconds": "string",
- "ping_action_push": true,
- "dns_domain_enable": true,
- "dns_server_enable": true,
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "push_blockoutsidedns": true,
- "push_register_dns": true,
- "ntp_server_enable": true,
- "ntp_server1": "string",
- "ntp_server2": "string",
- "netbios_enable": true,
- "netbios_ntype": "string",
- "netbios_scope": "string",
- "wins_server_enable": true,
- "wins_server1": "string",
- "wins_server2": "string",
- "custom_options": "string",
- "username_as_common_name": true,
- "udp_fast_io": true,
- "sndrcvbuf": "string",
- "create_gw": "string",
- "verbosity_level": "string",
- "strictusercn": true
}
], - "openvpn_capable_ifs": [
- {
- "if_identity": "string",
- "if_assigned_name": "string"
}
]
}| vpnid | string generated by system when create openvpn server |
| dco | boolean |
| mode | string |
| authmode | Array of strings |
| protocol | string |
| dev_mode | string |
| interface | string |
| local_port | integer |
| description | string |
| tls | string OpenVPN PEM TLS key |
| tls_type | string "auth" or "crypt" |
| certref | string |
| caref | string |
| crlref | string Certificate revocation list reference |
| dh_length | string |
| data_ciphers | Array of strings |
| data_ciphers_fallback | string |
| digest | string |
| engine | string |
| tunnel_network | string |
| local_network | string |
| maxclients | string |
| allow_compression | string "asym", "yes", "no" |
| dynamic_ip | boolean |
| topology | string |
| dns_domain | string |
| exit_notify | string |
| inactive_seconds | string |
| disable | boolean |
| tlsauth_enable | boolean |
| autotls_enable | boolean |
| tlsauth_keydir | string |
| ocspcheck | boolean |
| ocspurl | string |
| ecdh_curve | string |
| autokey_enable | boolean |
| shared_key | string |
| cert_depth | string |
| remote_cert_tls | boolean |
| tunnel_networkv6 | string |
| serverbridge_dhcp | boolean |
| serverbridge_interface | string |
| serverbridge_routegateway | boolean |
| serverbridge_dhcp_start | string |
| serverbridge_dhcp_end | string |
| gwredir | boolean |
| gwredir6 | boolean |
| local_networkv6 | string |
| remote_network | string |
| remote_networkv6 | string |
| compression | string |
| compression_push | boolean |
| passtos | boolean |
| client2client | boolean |
| duplicate_cn | boolean |
| ping_method | string |
| keepalive_interval | string |
| keepalive_timeout | string |
| ping_seconds | string |
| ping_push | boolean |
| ping_action | string |
| ping_action_seconds | string |
| ping_action_push | boolean |
| dns_domain_enable | boolean |
| dns_server_enable | boolean |
| dns_server1 | string |
| dns_server2 | string |
| dns_server3 | string |
| dns_server4 | string |
| push_blockoutsidedns | boolean |
| push_register_dns | boolean |
| ntp_server_enable | boolean |
| ntp_server1 | string |
| ntp_server2 | string |
| netbios_enable | boolean |
| netbios_ntype | string |
| netbios_scope | string |
| wins_server_enable | boolean |
| wins_server1 | string |
| wins_server2 | string |
| custom_options | string |
| username_as_common_name | boolean |
| udp_fast_io | boolean |
| sndrcvbuf | string |
| create_gw | string |
| verbosity_level | string |
| strictusercn | boolean |
{- "vpnid": "string",
- "dco": true,
- "mode": "string",
- "authmode": [
- "string"
], - "protocol": "string",
- "dev_mode": "string",
- "interface": "string",
- "local_port": 0,
- "description": "string",
- "tls": "string",
- "tls_type": "string",
- "certref": "string",
- "caref": "string",
- "crlref": "string",
- "dh_length": "string",
- "data_ciphers": [
- "string"
], - "data_ciphers_fallback": "string",
- "digest": "string",
- "engine": "string",
- "tunnel_network": "string",
- "local_network": "string",
- "maxclients": "string",
- "allow_compression": "string",
- "dynamic_ip": true,
- "topology": "string",
- "dns_domain": "string",
- "exit_notify": "string",
- "inactive_seconds": "string",
- "disable": true,
- "tlsauth_enable": true,
- "autotls_enable": true,
- "tlsauth_keydir": "string",
- "ocspcheck": true,
- "ocspurl": "string",
- "ecdh_curve": "string",
- "autokey_enable": true,
- "shared_key": "string",
- "cert_depth": "string",
- "remote_cert_tls": true,
- "tunnel_networkv6": "string",
- "serverbridge_dhcp": true,
- "serverbridge_interface": "string",
- "serverbridge_routegateway": true,
- "serverbridge_dhcp_start": "string",
- "serverbridge_dhcp_end": "string",
- "gwredir": true,
- "gwredir6": true,
- "local_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "compression": "string",
- "compression_push": true,
- "passtos": true,
- "client2client": true,
- "duplicate_cn": true,
- "ping_method": "string",
- "keepalive_interval": "string",
- "keepalive_timeout": "string",
- "ping_seconds": "string",
- "ping_push": true,
- "ping_action": "string",
- "ping_action_seconds": "string",
- "ping_action_push": true,
- "dns_domain_enable": true,
- "dns_server_enable": true,
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "push_blockoutsidedns": true,
- "push_register_dns": true,
- "ntp_server_enable": true,
- "ntp_server1": "string",
- "ntp_server2": "string",
- "netbios_enable": true,
- "netbios_ntype": "string",
- "netbios_scope": "string",
- "wins_server_enable": true,
- "wins_server1": "string",
- "wins_server2": "string",
- "custom_options": "string",
- "username_as_common_name": true,
- "udp_fast_io": true,
- "sndrcvbuf": "string",
- "create_gw": "string",
- "verbosity_level": "string",
- "strictusercn": true
}{- "vpnid": "string"
}{- "authservers": [
- "string"
], - "server": {
- "vpnid": "string",
- "dco": true,
- "mode": "string",
- "authmode": [
- "string"
], - "protocol": "string",
- "dev_mode": "string",
- "interface": "string",
- "local_port": 0,
- "description": "string",
- "tls": "string",
- "tls_type": "string",
- "certref": "string",
- "caref": "string",
- "crlref": "string",
- "dh_length": "string",
- "data_ciphers": [
- "string"
], - "data_ciphers_fallback": "string",
- "digest": "string",
- "engine": "string",
- "tunnel_network": "string",
- "local_network": "string",
- "maxclients": "string",
- "allow_compression": "string",
- "dynamic_ip": true,
- "topology": "string",
- "dns_domain": "string",
- "exit_notify": "string",
- "inactive_seconds": "string",
- "disable": true,
- "tlsauth_enable": true,
- "autotls_enable": true,
- "tlsauth_keydir": "string",
- "ocspcheck": true,
- "ocspurl": "string",
- "ecdh_curve": "string",
- "autokey_enable": true,
- "shared_key": "string",
- "cert_depth": "string",
- "remote_cert_tls": true,
- "tunnel_networkv6": "string",
- "serverbridge_dhcp": true,
- "serverbridge_interface": "string",
- "serverbridge_routegateway": true,
- "serverbridge_dhcp_start": "string",
- "serverbridge_dhcp_end": "string",
- "gwredir": true,
- "gwredir6": true,
- "local_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "compression": "string",
- "compression_push": true,
- "passtos": true,
- "client2client": true,
- "duplicate_cn": true,
- "ping_method": "string",
- "keepalive_interval": "string",
- "keepalive_timeout": "string",
- "ping_seconds": "string",
- "ping_push": true,
- "ping_action": "string",
- "ping_action_seconds": "string",
- "ping_action_push": true,
- "dns_domain_enable": true,
- "dns_server_enable": true,
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "push_blockoutsidedns": true,
- "push_register_dns": true,
- "ntp_server_enable": true,
- "ntp_server1": "string",
- "ntp_server2": "string",
- "netbios_enable": true,
- "netbios_ntype": "string",
- "netbios_scope": "string",
- "wins_server_enable": true,
- "wins_server1": "string",
- "wins_server2": "string",
- "custom_options": "string",
- "username_as_common_name": true,
- "udp_fast_io": true,
- "sndrcvbuf": "string",
- "create_gw": "string",
- "verbosity_level": "string",
- "strictusercn": true
}
}| vpnid required | string |
| vpnid | string generated by system when create openvpn server |
| dco | boolean |
| mode | string |
| authmode | Array of strings |
| protocol | string |
| dev_mode | string |
| interface | string |
| local_port | integer |
| description | string |
| tls | string OpenVPN PEM TLS key |
| tls_type | string "auth" or "crypt" |
| certref | string |
| caref | string |
| crlref | string Certificate revocation list reference |
| dh_length | string |
| data_ciphers | Array of strings |
| data_ciphers_fallback | string |
| digest | string |
| engine | string |
| tunnel_network | string |
| local_network | string |
| maxclients | string |
| allow_compression | string "asym", "yes", "no" |
| dynamic_ip | boolean |
| topology | string |
| dns_domain | string |
| exit_notify | string |
| inactive_seconds | string |
| disable | boolean |
| tlsauth_enable | boolean |
| autotls_enable | boolean |
| tlsauth_keydir | string |
| ocspcheck | boolean |
| ocspurl | string |
| ecdh_curve | string |
| autokey_enable | boolean |
| shared_key | string |
| cert_depth | string |
| remote_cert_tls | boolean |
| tunnel_networkv6 | string |
| serverbridge_dhcp | boolean |
| serverbridge_interface | string |
| serverbridge_routegateway | boolean |
| serverbridge_dhcp_start | string |
| serverbridge_dhcp_end | string |
| gwredir | boolean |
| gwredir6 | boolean |
| local_networkv6 | string |
| remote_network | string |
| remote_networkv6 | string |
| compression | string |
| compression_push | boolean |
| passtos | boolean |
| client2client | boolean |
| duplicate_cn | boolean |
| ping_method | string |
| keepalive_interval | string |
| keepalive_timeout | string |
| ping_seconds | string |
| ping_push | boolean |
| ping_action | string |
| ping_action_seconds | string |
| ping_action_push | boolean |
| dns_domain_enable | boolean |
| dns_server_enable | boolean |
| dns_server1 | string |
| dns_server2 | string |
| dns_server3 | string |
| dns_server4 | string |
| push_blockoutsidedns | boolean |
| push_register_dns | boolean |
| ntp_server_enable | boolean |
| ntp_server1 | string |
| ntp_server2 | string |
| netbios_enable | boolean |
| netbios_ntype | string |
| netbios_scope | string |
| wins_server_enable | boolean |
| wins_server1 | string |
| wins_server2 | string |
| custom_options | string |
| username_as_common_name | boolean |
| udp_fast_io | boolean |
| sndrcvbuf | string |
| create_gw | string |
| verbosity_level | string |
| strictusercn | boolean |
{- "vpnid": "string",
- "dco": true,
- "mode": "string",
- "authmode": [
- "string"
], - "protocol": "string",
- "dev_mode": "string",
- "interface": "string",
- "local_port": 0,
- "description": "string",
- "tls": "string",
- "tls_type": "string",
- "certref": "string",
- "caref": "string",
- "crlref": "string",
- "dh_length": "string",
- "data_ciphers": [
- "string"
], - "data_ciphers_fallback": "string",
- "digest": "string",
- "engine": "string",
- "tunnel_network": "string",
- "local_network": "string",
- "maxclients": "string",
- "allow_compression": "string",
- "dynamic_ip": true,
- "topology": "string",
- "dns_domain": "string",
- "exit_notify": "string",
- "inactive_seconds": "string",
- "disable": true,
- "tlsauth_enable": true,
- "autotls_enable": true,
- "tlsauth_keydir": "string",
- "ocspcheck": true,
- "ocspurl": "string",
- "ecdh_curve": "string",
- "autokey_enable": true,
- "shared_key": "string",
- "cert_depth": "string",
- "remote_cert_tls": true,
- "tunnel_networkv6": "string",
- "serverbridge_dhcp": true,
- "serverbridge_interface": "string",
- "serverbridge_routegateway": true,
- "serverbridge_dhcp_start": "string",
- "serverbridge_dhcp_end": "string",
- "gwredir": true,
- "gwredir6": true,
- "local_networkv6": "string",
- "remote_network": "string",
- "remote_networkv6": "string",
- "compression": "string",
- "compression_push": true,
- "passtos": true,
- "client2client": true,
- "duplicate_cn": true,
- "ping_method": "string",
- "keepalive_interval": "string",
- "keepalive_timeout": "string",
- "ping_seconds": "string",
- "ping_push": true,
- "ping_action": "string",
- "ping_action_seconds": "string",
- "ping_action_push": true,
- "dns_domain_enable": true,
- "dns_server_enable": true,
- "dns_server1": "string",
- "dns_server2": "string",
- "dns_server3": "string",
- "dns_server4": "string",
- "push_blockoutsidedns": true,
- "push_register_dns": true,
- "ntp_server_enable": true,
- "ntp_server1": "string",
- "ntp_server2": "string",
- "netbios_enable": true,
- "netbios_ntype": "string",
- "netbios_scope": "string",
- "wins_server_enable": true,
- "wins_server1": "string",
- "wins_server2": "string",
- "custom_options": "string",
- "username_as_common_name": true,
- "udp_fast_io": true,
- "sndrcvbuf": "string",
- "create_gw": "string",
- "verbosity_level": "string",
- "strictusercn": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "servers": [
- {
- "vpnid": "string",
- "port": "string",
- "mode": "string",
- "name": "string",
- "mgmt": "string",
- "conns": [
- {
- "common_name": "string",
- "remote_host": "string",
- "virtual_addr": "string",
- "virtual_addr6": "string",
- "bytes_recv": "string",
- "bytes_sent": "string",
- "connect_time": "string",
- "connect_time_unix": "string",
- "user_name": "string",
- "client_id": "string",
- "peer_id": "string",
- "cipher": "string"
}
], - "routes": [
- {
- "virtual_addr": "string",
- "common_name": "string",
- "remote_host": "string",
- "last_time": "string"
}
], - "connect_time": "string",
- "state": "string",
- "state_detail": "string",
- "virtual_addr": "string",
- "remote_host": "string",
- "remote_port": "string",
- "local_host": "string",
- "local_port": "string",
- "virtual_addr6": "string",
- "status": "string",
- "bytes_recv": "string",
- "bytes_sent": "string"
}
], - "sk_servers": [
- {
- "vpnid": "string",
- "port": "string",
- "mode": "string",
- "name": "string",
- "mgmt": "string",
- "conns": [
- {
- "common_name": "string",
- "remote_host": "string",
- "virtual_addr": "string",
- "virtual_addr6": "string",
- "bytes_recv": "string",
- "bytes_sent": "string",
- "connect_time": "string",
- "connect_time_unix": "string",
- "user_name": "string",
- "client_id": "string",
- "peer_id": "string",
- "cipher": "string"
}
], - "routes": [
- {
- "virtual_addr": "string",
- "common_name": "string",
- "remote_host": "string",
- "last_time": "string"
}
], - "connect_time": "string",
- "state": "string",
- "state_detail": "string",
- "virtual_addr": "string",
- "remote_host": "string",
- "remote_port": "string",
- "local_host": "string",
- "local_port": "string",
- "virtual_addr6": "string",
- "status": "string",
- "bytes_recv": "string",
- "bytes_sent": "string"
}
], - "clients": [
- {
- "vpnid": "string",
- "port": "string",
- "mode": "string",
- "name": "string",
- "mgmt": "string",
- "conns": [
- {
- "common_name": "string",
- "remote_host": "string",
- "virtual_addr": "string",
- "virtual_addr6": "string",
- "bytes_recv": "string",
- "bytes_sent": "string",
- "connect_time": "string",
- "connect_time_unix": "string",
- "user_name": "string",
- "client_id": "string",
- "peer_id": "string",
- "cipher": "string"
}
], - "routes": [
- {
- "virtual_addr": "string",
- "common_name": "string",
- "remote_host": "string",
- "last_time": "string"
}
], - "connect_time": "string",
- "state": "string",
- "state_detail": "string",
- "virtual_addr": "string",
- "remote_host": "string",
- "remote_port": "string",
- "local_host": "string",
- "local_port": "string",
- "virtual_addr6": "string",
- "status": "string",
- "bytes_recv": "string",
- "bytes_sent": "string"
}
]
}{- "config": [
- {
- "enable": true,
- "keep_conf": true,
- "resolve_interval": "string",
- "resolve_interval_track": true,
- "interface_group": "string",
- "hide_secrets": true,
- "hide_peers": true
}
], - "tunnels": {
- "item": [
- {
- "name": "string",
- "descr": "string",
- "enabled": true,
- "listenport": 0,
- "privatekey": "string",
- "publickey": "string",
- "mtu": "string",
- "addresses": [
- {
- "address": "string",
- "descr": "string"
}
]
}
]
}, - "peers": {
- "item": [
- {
- "enabled": true,
- "tun": "string",
- "descr": "string",
- "endpoint": "string",
- "port": "string",
- "persistentkeepalive": "string",
- "publickey": "string",
- "presharedkey": "string",
- "allowedips": [
- {
- "address": "string",
- "descr": "string"
}
]
}
]
}
}| enabled | boolean |
| tun | string |
| descr | string |
| endpoint | string |
| port | string |
| persistentkeepalive | string |
| publickey required | string |
| presharedkey | string |
Array of objects (WGIPAddress) |
{- "enabled": true,
- "tun": "string",
- "descr": "string",
- "endpoint": "string",
- "port": "string",
- "persistentkeepalive": "string",
- "publickey": "string",
- "presharedkey": "string",
- "allowedips": [
- {
- "address": "string",
- "descr": "string"
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| pubkey required | string |
| enabled | boolean |
| tun | string |
| descr | string |
| endpoint | string |
| port | string |
| persistentkeepalive | string |
| publickey required | string |
| presharedkey | string |
Array of objects (WGIPAddress) |
{- "enabled": true,
- "tun": "string",
- "descr": "string",
- "endpoint": "string",
- "port": "string",
- "persistentkeepalive": "string",
- "publickey": "string",
- "presharedkey": "string",
- "allowedips": [
- {
- "address": "string",
- "descr": "string"
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| enable | boolean |
| keep_conf | boolean |
| resolve_interval | string |
| resolve_interval_track | boolean |
| interface_group | string |
| hide_secrets | boolean |
| hide_peers | boolean |
{- "enable": true,
- "keep_conf": true,
- "resolve_interval": "string",
- "resolve_interval_track": true,
- "interface_group": "string",
- "hide_secrets": true,
- "hide_peers": true
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}{- "config": [
- {
- "enable": true,
- "keep_conf": true,
- "resolve_interval": "string",
- "resolve_interval_track": true,
- "interface_group": "string",
- "hide_secrets": true,
- "hide_peers": true
}
], - "status": [
- {
- "private_key": "string",
- "public_key": "string",
- "listen_port": "string",
- "fwmark": "string",
- "status": "string",
- "transfer_rx": 0,
- "transfer_tx": 0,
- "inpkts": 0,
- "outpkts": 0,
- "mtu": 0,
- "config": {
- "name": "string",
- "descr": "string",
- "enabled": true,
- "listenport": 0,
- "privatekey": "string",
- "publickey": "string",
- "mtu": "string",
- "addresses": [
- {
- "address": "string",
- "descr": "string"
}
]
}, - "peers": [
- {
- "public_key": "string",
- "preshared_key": "string",
- "endpoint": "string",
- "allowed_ips": "string",
- "latest_handshake": "string",
- "transfer_rx": "string",
- "transfer_tx": "string",
- "persistent_keepalive": "string",
- "config": {
- "enabled": true,
- "tun": "string",
- "descr": "string",
- "endpoint": "string",
- "port": "string",
- "persistentkeepalive": "string",
- "publickey": "string",
- "presharedkey": "string",
- "allowedips": [
- {
- "address": "string",
- "descr": "string"
}
]
}
}
]
}
]
}| name required | string |
| descr | string |
| enabled | boolean |
| listenport | integer |
| privatekey required | string |
| publickey required | string |
| mtu | string |
Array of objects (WGIPAddress) |
{- "name": "string",
- "descr": "string",
- "enabled": true,
- "listenport": 0,
- "privatekey": "string",
- "publickey": "string",
- "mtu": "string",
- "addresses": [
- {
- "address": "string",
- "descr": "string"
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}| name required | string |
| name required | string |
| descr | string |
| enabled | boolean |
| listenport | integer |
| privatekey required | string |
| publickey required | string |
| mtu | string |
Array of objects (WGIPAddress) |
{- "name": "string",
- "descr": "string",
- "enabled": true,
- "listenport": 0,
- "privatekey": "string",
- "publickey": "string",
- "mtu": "string",
- "addresses": [
- {
- "address": "string",
- "descr": "string"
}
]
}{- "msg": "string",
- "alrt": true,
- "sb": true,
- "alrtoln": true,
- "alrtclr": "string",
- "auth": true,
- "status": "string",
- "message": "string",
- "result": "string"
}