Secure Programmable Router API (0.3.0)
Download OpenAPI specification:Download
The API service exists for communication between service containers and to support external requests from the web front end or CLI tools.
The internal APIs run over unix sockets and rely on filesystem namespaces for authentication.
Currently there are four internal APIs:
- Support for the wifid service accepting stations
- Support for dynamic networking configuration with DHCP
- Wireguard
- DHCP Tiny Subnets
The external API runs over port :80
or can optionally be configured to run over SSL on port :443
.
Configuration
On the device, the following files contain credentials for access.
config/auth/auth_users.json
is a JSON file with a dictionary for username, password pairsconfigs/auth/auth_tokens.json
is a JSON file with a list of authentication tokensconfigs/auth/otp_settings.json
is a JSON file with OTP user configuration.
OTP Notes
- Certain privileged operations require a valid OTP JWT. The OTP code is there to provide additional security hardening.
- A user can also require OTP codes for all operations.
- The default period is 1 hour for the JWT and can be customized
basicAuth
The API supports Basic Authentication based on the auth_users file, using the Basic Schema.
To implement this, a client should include an "Authorization: Basic" header with the credentials formatted as base64(username:password)
. For a javascript example, see the frontend's Api.js.
basic
bearerAuth
The API also supports Bearer Tokens, based on the auth_tokens
file.
To implement this, a client should include an "Authorization: Bearer" token. See Swagger's page for more examples.
bearer
API extensions operate through a reverse proxy into a unix socket. They allow for hosting extensions to the API on the same web origin while running in a different process or container.
Extensions are configured in configs/base/api.json
This example shows the mapping of unix://state/dns/dns_block_plugin to http://APIHOST/plugins/dns/block/
{
"Plugins" : [{
"Name": "dns block extension",
"URI": "dns/block",
"UnixPath": "/state/dns/dns_block_plugin"
}]
}
See the API documentation for plugins here
Get Devices
Returns a map of registered devices, indexed by MAC address
Authorizations:
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/devices"
Response samples
- 200
{- "11:22:33:44:55:61": {
- "Name": "rpi4",
- "MAC": "11:22:33:44:55:61",
- "WGPubKey": "pubkey",
- "VLANTag": "vlantag",
- "RecentIP": "192.168.2.102",
- "PSKEntry": {
- "Type": "sae",
- "Psk": "password"
}, - "Policies": [
- "wan",
- "dns",
- "lan_upstream"
], - "Groups": [
- "cameras",
- "tvs"
], - "DeviceTags": [
- "private"
]
}, - "11:22:33:44:55:62": {
- "Name": "rpi4",
- "MAC": "11:22:33:44:55:61",
- "WGPubKey": "pubkey",
- "VLANTag": "vlantag",
- "RecentIP": "192.168.2.102",
- "PSKEntry": {
- "Type": "sae",
- "Psk": "password"
}, - "Policies": [
- "wan",
- "dns",
- "lan_upstream"
], - "Groups": [
- "cameras",
- "tvs"
], - "DeviceTags": [
- "private"
]
}
}
Get Device including PSK
Get a Device specified by the MAC address in the identity parameter. Requires OTP Code
Authorizations:
path Parameters
identity required | string Example: 11:22:33:44:55:61 MAC address |
Responses
Request samples
- CLI
curl -u "admin:pass" -X DELETE -H "X-JWT-OTP:..." \ "http://192.168.2.1/device?identity=11:22:33:44:55:66"
Response samples
- 200
{- "Name": "rpi4",
- "MAC": "11:22:33:44:55:61",
- "WGPubKey": "pubkey",
- "VLANTag": "vlantag",
- "RecentIP": "192.168.2.102",
- "PSKEntry": {
- "Type": "sae",
- "Psk": "password"
}, - "Policies": [
- "wan",
- "dns",
- "lan_upstream"
], - "Groups": [
- "cameras",
- "tvs"
], - "DeviceTags": [
- "private"
]
}
Update Device
Update information specified by the MAC address in the identity parameter. All fields are optional. If a PSKEntry.PskType is set and a PSKEntry.Psk is not set, one will be generated and returned. To create a wildcard PSK for adding a new device, use the string "pending" for the identity.
Authorizations:
path Parameters
identity required | string Example: 11:22:33:44:55:61 MAC address |
Request Body schema: application/jsonrequired
Device object
Name | string Client Name |
MAC | string HW address |
WGPubKey | string PubKey |
VLANTag | string VLANTag |
RecentIP | string RecentIP |
object (PSKEntry) | |
Policies | Array of strings Policies for Device |
Groups | Array of strings Interconnected Groups of Devices |
DeviceTags | Array of strings Tags for Device |
Responses
Request samples
- Payload
- CLI
{- "Name": "rpi4",
- "MAC": "11:22:33:44:55:61",
- "WGPubKey": "pubkey",
- "VLANTag": "vlantag",
- "RecentIP": "192.168.2.102",
- "PSKEntry": {
- "Type": "sae",
- "Psk": "password"
}, - "Policies": [
- "wan",
- "dns",
- "lan_upstream"
], - "Groups": [
- "cameras",
- "tvs"
], - "DeviceTags": [
- "private"
]
}
Response samples
- 200
{- "Name": "rpi4",
- "MAC": "11:22:33:44:55:61",
- "WGPubKey": "pubkey",
- "VLANTag": "vlantag",
- "RecentIP": "192.168.2.102",
- "PSKEntry": {
- "Type": "sae",
- "Psk": "password"
}, - "Policies": [
- "wan",
- "dns",
- "lan_upstream"
], - "Groups": [
- "cameras",
- "tvs"
], - "DeviceTags": [
- "private"
]
}
Delete Device
Delete a Device specified by the MAC address in the identity parameter
Authorizations:
path Parameters
identity required | string Example: 11:22:33:44:55:61 MAC address |
Responses
Request samples
- CLI
curl -u "admin:pass" -X DELETE \ "http://192.168.2.1/device?identity=11:22:33:44:55:66"
Add Group
If the group does not exist, it will be created. If it exists it will be updated. Fields are optional.
Authorizations:
Request Body schema: application/jsonrequired
Group object
Name | string Unique Group Name |
Disabled | bool If Group is disabled |
GroupTags | Array of strings Tags for Group |
Responses
Request samples
- Payload
- CLI
{- "Name": "vpn",
- "Disabled": false,
- "GroupTags": [
- [
- "private"
]
]
}
Delete Group
Authorizations:
Request Body schema: application/jsonrequired
Group object
Name | string Unique Group Name |
Disabled | bool If Group is disabled |
GroupTags | Array of strings Tags for Group |
Responses
Request samples
- Payload
- CLI
{- "Name": "vpn",
- "Disabled": false,
- "GroupTags": [
- [
- "private"
]
]
}
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/ip/addr"
Response samples
- 200
[- {
- "ifindex": 1,
- "ifname": "eth0",
- "flags": [
- "BROADCAST"
], - "mtu": 1550,
- "qdisc": "mq",
- "operstate": "UP",
- "group": "default",
- "txqlen": 1000,
- "link_type": "ether",
- "address": "11:22:33:44:55:66",
- "broadcast": "ff:ff:ff:ff:ff:ff",
- "addr_info": [
- {
- "family": "inet6",
- "local": "::1",
- "prefixlen": 64,
- "scope": "link",
- "valid_life_time": 4294967295,
- "preferred_life_time": "preferred_life_time"
}
]
}
]
NFTable Verdict Map
Returns the output of nft -j
for the verdict map specificed by the name parameter
Authorizations:
path Parameters
name required | string Name of the nfmap to fetch |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/nfmap/dns_access"
Response samples
- 200
{ }
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/arp"
Response samples
- 200
[- {
- "IP": "192.168.2.142",
- "HWType": "0x1",
- "Flags": "0x6",
- "MAC": "11:22:33:44:55:66",
- "Mask": "*",
- "Device": "wlan1.4097"
}
]
Get Nearby Wifi Networks
Returns the output of iw dev iface scan
in json format.
Note: the specified interface needs to be in managed mode.
Authorizations:
path Parameters
iface required | string Example: wlan0 interface |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/iw/dev/wlan0/scan"
Response samples
- 200
[- {
- "bssid": "11:11:11:11:11:11",
- "interface": "wlan0",
- "freq": 2412,
- "ssid": "sample_ssid1",
- "authentication_suites": "PSK",
- "signal_dbm": -64
}
]
Set Subnet Configuration
Sets or updates the subnet configuration. This will overwrite the existing configuration.
Authorizations:
Request Body schema: application/json
TinyNets required | Array of strings List of subnet pools. |
LeaseTime required | string Duration of the DHCP lease time. |
Responses
Request samples
- Payload
- CLI
{- "TinyNets": [
- "string"
], - "LeaseTime": "string"
}
Update DNS Settings
Updates the DNS settings. This operation overwrites the existing settings.
Authorizations:
Request Body schema: application/json
UpstreamTLSHost required | string DNS name of the upstream TLS host. |
UpstreamIPAddress required | string IP address of the upstream DNS server. |
TlsDisable required | boolean Flag to disable TLS. |
Responses
Request samples
- Payload
- CLI
{- "UpstreamTLSHost": "string",
- "UpstreamIPAddress": "string",
- "TlsDisable": true
}
Perform an ICMP ping test
Performs an ICMP ping test from a specified interface to a given address
path Parameters
interface required | string Network interface to use for the ping test |
address required | string IP address to ping |
Responses
Request samples
- CLI
curl -X PUT http://localhost/ping/eth0/8.8.8.8
Response samples
- 200
[- "10.523ms",
- "9.872ms",
- "11.245ms",
- "10.101ms"
]
Perform a UDP ping test
Performs a UDP ping test from a specified interface to a given address
path Parameters
interface required | string Network interface to use for the UDP ping test |
address required | string IP address and port to ping |
Responses
Request samples
- CLI
curl -X PUT http://localhost/ping/eth0/8.8.8.8:53/udp
Response samples
- 200
[- "15.789ms",
- "14.234ms",
- "16.012ms",
- "15.456ms"
]
Retrieve firewall config
Returns the firewall API configuration
Authorizations:
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/firewall/config"
Response samples
- 200
{- "ForwardingRules": [
- {
- "DstIP": "1.2.3.4",
- "SrcIP": "0.0.0.0/24",
- "SrcPort": "0-10",
- "DstPort": "any",
- "Protocol": "tcp"
}
], - "BlockRules": [
- {
- "DstIP": "1.2.3.4",
- "SrcIP": "0.0.0.0/24",
- "Protocol": "tcp"
}
], - "ForwardingBlockRules": [
- {
- "DstIP": "1.2.3.4",
- "SrcIP": "0.0.0.0/24",
- "DstPort": "0-65535",
- "Protocol": "tcp"
}
], - "ServicePorts": [
- {
- "UpstreamEnabled": false,
- "Port": "22",
- "Protocol": "tcp"
}
]
}
Add a Forwarding Rule
Authorizations:
Request Body schema: application/jsonrequired
Use 'any' for the port to forward all ports. Specify a port or a port range otherwise
DstIP | string |
SrcIP | string |
SrcPort | string/any|[0-9]+/ |
DstPort | string/any|[0-9]+/ |
Protocol | string/udp|tcp/ |
Responses
Request samples
- Payload
- CLI
{- "DstIP": "1.2.3.4",
- "SrcIP": "0.0.0.0/24",
- "SrcPort": "0-10",
- "DstPort": "any",
- "Protocol": "tcp"
}
Delete a Forwarding Rule
Delete forwarding rule with matching contents
Authorizations:
Request Body schema: application/jsonrequired
Use 'any' for the port to forward all ports. Specify a port or a port range otherwise
DstIP | string |
SrcIP | string |
SrcPort | string/any|[0-9]+/ |
DstPort | string/any|[0-9]+/ |
Protocol | string/udp|tcp/ |
Responses
Request samples
- Payload
- CLI
{- "DstIP": "1.2.3.4",
- "SrcIP": "0.0.0.0/24",
- "SrcPort": "0-10",
- "DstPort": "any",
- "Protocol": "tcp"
}
Delete IP Block
Delete blocking rule with matching contents
Authorizations:
Request Body schema: application/jsonrequired
FirewallBlock
DstIP | string |
SrcIP | string |
Protocol | string/udp|tcp/ |
Responses
Request samples
- Payload
- CLI
{- "DstIP": "1.2.3.4",
- "SrcIP": "0.0.0.0/24",
- "Protocol": "tcp"
}
Add Forward Block
Add Forward Block Rule, to block outbound traffic
Authorizations:
Request Body schema: application/jsonrequired
FirewallBlockForward
DstIP | string |
SrcIP | string |
DstPort | string |
Protocol | string/udp|tcp/ |
Responses
Request samples
- Payload
- CLI
{- "DstIP": "1.2.3.4",
- "SrcIP": "0.0.0.0/24",
- "DstPort": "0-65535",
- "Protocol": "tcp"
}
Delete Forward Block
Delete blocking rule with matching contents
Authorizations:
Request Body schema: application/jsonrequired
FirewallBlockForward
DstIP | string |
SrcIP | string |
DstPort | string |
Protocol | string/udp|tcp/ |
Responses
Request samples
- Payload
- CLI
{- "DstIP": "1.2.3.4",
- "SrcIP": "0.0.0.0/24",
- "DstPort": "0-65535",
- "Protocol": "tcp"
}
Allow Service Port Access
Service Ports are ports that run on the SPR router itself. They can be for LAN clients only or for upstream also
Authorizations:
Request Body schema: application/jsonrequired
ServicePort
UpstreamEnabled | boolean Reachable from WAN/Upstream Interface |
Port | string |
Protocol | string/tcp/ Only TCP services are currently supported |
Responses
Request samples
- Payload
- CLI
{- "UpstreamEnabled": false,
- "Port": "22",
- "Protocol": "tcp"
}
Delete Service Port Access
Delete service port from allow list
Authorizations:
Request Body schema: application/jsonrequired
ServicePort
UpstreamEnabled | boolean Reachable from WAN/Upstream Interface |
Port | string |
Protocol | string/tcp/ Only TCP services are currently supported |
Responses
Request samples
- Payload
- CLI
{- "UpstreamEnabled": false,
- "Port": "22",
- "Protocol": "tcp"
}
Add Firewall Endpoint
Endpoints store common destinations for the UI to populate fields with
Authorizations:
Request Body schema: application/json
RuleName | string |
Disabled | boolean |
Protocol | string |
IP | string |
Domain | string |
Port | string |
Tags | Array of strings Tags for Device |
Responses
Request samples
- Payload
- CLI
{- "RuleName": "string",
- "Disabled": true,
- "Protocol": "string",
- "IP": "1.2.3.4",
- "Domain": "www.domain.com",
- "Port": "22",
- "Tags": [
- "private"
]
}
Delete Firewall Endpoint
Delete an existing endpoint from the firewall configuration.
Authorizations:
Request Body schema: application/json
RuleName | string |
Disabled | boolean |
Protocol | string |
IP | string |
Domain | string |
Port | string |
Tags | Array of strings Tags for Device |
Responses
Request samples
- Payload
- CLI
{- "RuleName": "string",
- "Disabled": true,
- "Protocol": "string",
- "IP": "1.2.3.4",
- "Domain": "www.domain.com",
- "Port": "22",
- "Tags": [
- "private"
]
}
Enable Multicast Port (UDP over a multicast IP/ethernet address)
Configures a multicast port in the firewall.
Authorizations:
Request Body schema: application/json
Upstream | boolean Reachable from Uplinks |
Port | string |
Responses
Request samples
- Payload
- CLI
{- "Upstream": true,
- "Port": "22"
}
Add Custom Interface Rule to join an interface to the network
Adds a custom interface rule to the firewall.
Authorizations:
Request Body schema: application/json
Interface | string interface name |
SrcIP | string IP or CIDR assigned to interface |
RouteDst | string IP destination to route to, for example container host IP |
Policies | Array of strings Policies for Interface |
Groups | Array of strings Groups to join Interfaces to Devices |
Tags | Array of strings Tags to apply. NOTE, no impact for now |
Responses
Request samples
- Payload
- CLI
{- "Interface": "wlan1",
- "SrcIP": "172.16.0.0/16",
- "RouteDst": "172.12.0.2",
- "Policies": [
- "api",
- "wan",
- "dns",
- "lan_upstream"
], - "Groups": [
- "cameras"
], - "Tags": [
- "private"
]
}
Remove Custom Interface Rule
Removes a custom interface rule from the firewall.
Authorizations:
Request Body schema: application/json
Interface | string interface name |
SrcIP | string IP or CIDR assigned to interface |
RouteDst | string IP destination to route to, for example container host IP |
Policies | Array of strings Policies for Interface |
Groups | Array of strings Groups to join Interfaces to Devices |
Tags | Array of strings Tags to apply. NOTE, no impact for now |
Responses
Request samples
- Payload
- CLI
{- "Interface": "wlan1",
- "SrcIP": "172.16.0.0/16",
- "RouteDst": "172.12.0.2",
- "Policies": [
- "api",
- "wan",
- "dns",
- "lan_upstream"
], - "Groups": [
- "cameras"
], - "Tags": [
- "private"
]
}
Configure ICMP Options
Configures ICMP options in the firewall.
Authorizations:
Request Body schema: application/json
PingLan required | boolean Allow ping from LAN |
PingWan required | boolean Allow ping from WAN/upstream |
Responses
Request samples
- Payload
- CLI
{- "PingLan": true,
- "PingWan": false
}
Request samples
- CLI
curl http://localhost/multicastSettings
Response samples
- 200
{- "Disabled": false,
- "Addresses": [
- {
- "Address": "224.0.0.251:5353"
}
], - "DisableMDNSAdvertise": false,
- "MDNSName": "MyDevice"
}
Update multicast settings
Updates the multicast settings
Request Body schema: application/jsonrequired
Disabled | boolean Whether multicast is disabled |
Array of objects (MulticastAddress) List of multicast addresses | |
DisableMDNSAdvertise | boolean Whether MDNS advertisement is disabled |
MDNSName | string MDNS name |
Responses
Request samples
- Payload
- CLI
{- "Disabled": false,
- "Addresses": [
- {
- "Address": "224.0.0.251:5353"
}
], - "DisableMDNSAdvertise": false,
- "MDNSName": "MyDevice"
}
Response samples
- 200
{- "Disabled": false,
- "Addresses": [
- {
- "Address": "224.0.0.251:5353"
}
], - "DisableMDNSAdvertise": false,
- "MDNSName": "MyDevice"
}
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/iptraffic"
Response samples
- 200
[- {
- "Interface": "wlan1",
- "Src": "192.168.2.100",
- "Dst": "192.168.2.102",
- "Packets": 1024,
- "Bytes": 4096
}
]
Retrieve traffic for LAN/WAN
Returns traffic information from the counter specified by the name parameter. Countermap can be one of incoming_traffic_lan
| outgoing_traffic_lan
| outgoing_traffic_wan
| incoming_traffic_wan
. See the accounting.sh NFT rules for additional information
Authorizations:
path Parameters
countermap required | string Example: incoming_traffic_lan Name of counter |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/traffic/outgoing_traffic_lan"
Response samples
- 200
[- {
- "IP": "192.168.2.1",
- "Packets": 7544,
- "Bytes": 824606
}
]
Retrieve historical traffic data for devices
Returns traffic information for all devices
Authorizations:
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/traffic_history"
Response samples
- 200
{- "192.168.2.11": {
- "LanIn": 11125256532,
- "LanOut": 292437928,
- "WanIn": 52664,
- "WanOut": 52664
}, - "192.168.2.12": {
- "LanIn": 11125256532,
- "LanOut": 292437928,
- "WanIn": 52664,
- "WanOut": 52664
}
}
Retrieve hostapd status
Returns current status for hostapd
Authorizations:
path Parameters
interface required | string Name of wireless interface |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/hostapd/status"
Response samples
- 200
{- "beacon_int": "100",
- "bss[0]": "wlan1",
- "bssid[0]": "00:c0:ca:33:11:22",
- "cac_time_left_seconds": "N/A",
- "cac_time_seconds": "0",
- "channel": "36",
- "dtim_period": "2",
- "edmg_channel": "0",
- "edmg_enable": "0",
- "freq": "5180",
- "ht_caps_info": "01ff",
- "ht_mcs_bitmask": "ffff0000000000000000",
- "ht_op_mode": "0x6",
- "ieee80211ac": "1",
- "ieee80211ax": "0",
- "ieee80211n": "1",
- "max_txpower": "23",
- "num_sta[0]": "6",
- "num_sta_ht40_intolerant": "0",
- "num_sta_ht_20_mhz": "2",
- "num_sta_ht_no_gf": "6",
- "num_sta_no_ht": "0",
- "num_sta_no_short_preamble": "6",
- "num_sta_no_short_slot_time": "6",
- "num_sta_non_erp": "0",
- "olbc": "0",
- "olbc_ht": "0",
- "phy": "phy1",
- "rx_vht_mcs_map": "fffa",
- "secondary_channel": "1",
- "ssid[0]": "test_ap",
- "state": "ENABLED",
- "supported_rates": "0c 12 18 24 30 48 60 6c",
- "tx_vht_mcs_map": "fffa",
- "vht_caps_info": "318001b0",
- "vht_oper_centr_freq_seg0_idx": "42",
- "vht_oper_centr_freq_seg1_idx": "0",
- "vht_oper_chwidth": "1"
}
Retrieve all_stations output
Returns current status for all stations
Authorizations:
path Parameters
interface required | string Name of wireless interface |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/hostapd/all_stations"
Response samples
- 200
{- "11:22:33:44:55:61": {
- "AKMSuiteSelector": "00-0f-ac-2",
- "aid": "3",
- "capability": "0x11",
- "connected_time": "4946",
- "dot11RSNAStatsSTAAddress": "11:22:33:44:55:61",
- "dot11RSNAStatsSelectedPairwiseCipher": "00-0f-ac-4",
- "dot11RSNAStatsTKIPLocalMICFailures": "0",
- "dot11RSNAStatsTKIPRemoteMICFailures": "0",
- "dot11RSNAStatsVersion": "1",
- "flags": "[AUTH][ASSOC][AUTHORIZED][WMM][HT]",
- "hostapdWPAPTKGroupState": "0",
- "hostapdWPAPTKState": "11",
- "ht_caps_info": "0x016e",
- "ht_mcs_bitmask": "ff000000000000000000",
- "inactive_msec": "1584",
- "listen_interval": "1",
- "rx_bytes": "126055",
- "rx_packets": "2394",
- "rx_rate_info": "60",
- "signal": "-85",
- "supported_rates": "8c 12 98 24 b0 48 60 6c",
- "timeout_next": "NULLFUNC POLL",
- "tx_bytes": "485584",
- "tx_packets": "1957",
- "tx_rate_info": "1200 mcs 5 shortGI",
- "vlan_id": "4247",
- "wpa": "2"
}, - "11:22:33:44:55:62": {
- "AKMSuiteSelector": "00-0f-ac-2",
- "aid": "3",
- "capability": "0x11",
- "connected_time": "4946",
- "dot11RSNAStatsSTAAddress": "11:22:33:44:55:61",
- "dot11RSNAStatsSelectedPairwiseCipher": "00-0f-ac-4",
- "dot11RSNAStatsTKIPLocalMICFailures": "0",
- "dot11RSNAStatsTKIPRemoteMICFailures": "0",
- "dot11RSNAStatsVersion": "1",
- "flags": "[AUTH][ASSOC][AUTHORIZED][WMM][HT]",
- "hostapdWPAPTKGroupState": "0",
- "hostapdWPAPTKState": "11",
- "ht_caps_info": "0x016e",
- "ht_mcs_bitmask": "ff000000000000000000",
- "inactive_msec": "1584",
- "listen_interval": "1",
- "rx_bytes": "126055",
- "rx_packets": "2394",
- "rx_rate_info": "60",
- "signal": "-85",
- "supported_rates": "8c 12 98 24 b0 48 60 6c",
- "timeout_next": "NULLFUNC POLL",
- "tx_bytes": "485584",
- "tx_packets": "1957",
- "tx_rate_info": "1200 mcs 5 shortGI",
- "vlan_id": "4247",
- "wpa": "2"
}
}
Set hostapd config
Set hostapd configuration
Authorizations:
path Parameters
interface required | string Name of wireless interface |
Request Body schema: application/jsonrequired
Channel Parameters for WiFi
Country_code | string 2-letter country code |
Vht_capab | string Very High Throughput capabilities for 5ghz (802.11ac). Should be removed for 2.4ghz |
Ht_capab | string High Throughput capabilities (802.11n) |
Hw_mode | string/^(a/b/g)$/ a for 5ghz, b/g for 2.4ghz |
Ieee80211ax | integer WiFi 6 support |
He_su_beamformer | integer High Efficiency (WiFi 6) Single User Beamformer enable |
He_su_beamformee | integer High Efficiency (WiFi 6) Single User Beamformee enable |
He_mu_beamformer | integer High Efficiency (WiFi 6) Multiple User Beamformer enable |
Ssid | string WiFi SSID Name |
Channel | integer See the list of WLAN channels |
Vht_oper_centr_freq_seg0_idx | integer |
He_oper_centr_freq_seg0_idx | integer |
Vht_oper_chwidth | integer |
He_oper_chwidth | integer |
Responses
Request samples
- Payload
{- "Country_code": "US",
- "Vht_capab": "[RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-STBC-1][MAX-A-MPDU-LEN-EXP3][RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN]",
- "Ht_capab": "[LDPC][HT40+][HT40-][GF][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1]",
- "Hw_mode": "a",
- "Ieee80211ax": 1,
- "He_su_beamformer": 1,
- "He_su_beamformee": 1,
- "He_mu_beamformer": 1,
- "Ssid": "8hzWANip",
- "Channel": 36,
- "Vht_oper_centr_freq_seg0_idx": 42,
- "He_oper_centr_freq_seg0_idx": 42,
- "Vht_oper_chwidth": 1,
- "He_oper_chwidth": 1
}
Set WiFi Channel
Sets channel configuration
Authorizations:
path Parameters
interface required | string Name of wireless interface |
Request Body schema: application/jsonrequired
Channel Parameters for WiFi
Mode | string/^(a|b|g)$/ g for 2.4Ghz, a for 5Ghz |
Channel | integer See the list of WLAN channels |
Bandwidth | integer Channel width in Mhz. One of 20, 40, 80, 160, or 8080 for 80+80 |
HT_Enable | boolean 802.11n support - High Throughput |
VHT_Enable | boolean 802.11ac support - Very High Throughput (WiFi 5) |
HE_Enable | boolean 802.11ax support - High Effiency (WiFi 6) |
Responses
Request samples
- Payload
- CLI
{- "Mode": "a",
- "Channel": 36,
- "Bandwidth": 80,
- "HT_Enable": true,
- "VHT_Enable": true,
- "HE_Enable": true
}
Response samples
- 200
{- "Vht_oper_centr_freq_seg0_idx": 42,
- "He_oper_centr_freq_seg0_idx": 42,
- "Vht_oper_chwidth": 1,
- "He_oper_chwidth": 1
}
Enable Additional BSS on Interface
Enables an additional BSS (Basic Service Set) on the specified interface. This supports WPA1, and disabled isolation. Requires card support
Authorizations:
path Parameters
interface required | string Name of the network interface. |
Request Body schema: application/json
Ssid | string |
Bssid | string |
Wpa | string |
WpaKeyMgmt | string |
DisableIsolation | boolean |
Responses
Request samples
- Payload
- CLI
{- "Ssid": "string",
- "Bssid": "string",
- "Wpa": "string",
- "WpaKeyMgmt": "string",
- "DisableIsolation": true
}
Disable Extra BSS on Interface
Disables an additional BSS on the specified interface.
Authorizations:
path Parameters
interface required | string Name of the network interface. |
Responses
Request samples
- CLI
curl -u "admin:pass" -X DELETE \ "http://192.168.2.1/hostapd/eth0/enableExtraBSS"
Retrieve interface configuration
SPR Tracks the state of interfaces to decide launching hostap
Authorizations:
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/interfacesConfiguration"
Response samples
- 200
[- {
- "Name": "wlan1",
- "Type": "AP",
- "Enabled": true
}
]
Get WPA Supplicant Configuration
Retrieves the current WPA supplicant configuration.
Authorizations:
Responses
Response samples
- 200
{- "WPAs": [
- {
- "Iface": "string",
- "Enabled": true,
- "Networks": [
- {
- "Disabled": true,
- "Password": "string",
- "SSID": "string",
- "KeyMgmt": "string",
- "Priority": "string",
- "BSSID": "string"
}
]
}
]
}
Update or Add WPA Supplicant Interface Configuration
Updates an existing WPA interface configuration or adds a new one.
Authorizations:
Request Body schema: application/json
Iface | string |
Enabled | boolean |
Array of objects (WPANetwork) |
Responses
Request samples
- Payload
- CLI
{- "Iface": "string",
- "Enabled": true,
- "Networks": [
- {
- "Disabled": true,
- "Password": "string",
- "SSID": "string",
- "KeyMgmt": "string",
- "Priority": "string",
- "BSSID": "string"
}
]
}
Update or Add PPP Interface Configuration
Updates an existing PPP interface configuration or adds a new one.
Authorizations:
Request Body schema: application/json
Iface | string |
PPPIface | string |
Enabled | boolean |
Username | string |
Secret | string |
VLAN | string or null |
MTU | string or null |
Responses
Request samples
- Payload
- CLI
{- "Iface": "string",
- "PPPIface": "string",
- "Enabled": true,
- "Username": "string",
- "Secret": "string",
- "VLAN": "string",
- "MTU": "string"
}
Update Interface IP Configuration for an existing interface
Updates the IP configuration of a network interface.
Authorizations:
Request Body schema: application/json
Name | string |
Enabled | boolean |
DisableDHCP | boolean or null |
IP | string or null |
Router | string or null |
VLAN | string or null |
Responses
Request samples
- Payload
- CLI
{- "Name": "string",
- "Enabled": true,
- "DisableDHCP": true,
- "IP": "string",
- "Router": "string",
- "VLAN": "string"
}
Update Link Configuration
Updates the configuration of a LAN network interface.
Authorizations:
Request Body schema: application/json
Name | string Interface name on system |
Type | string Enum: "AP" "Uplink" "Downlink" "Other" |
Subtype | string |
Enabled | boolean |
Responses
Request samples
- Payload
- CLI
{- "Name": "string",
- "Type": "AP",
- "Subtype": "string",
- "Enabled": true
}
Update VLAN Trunk State on Interface
Set an interface as a VLAN trunk, enabling or disabling it.
Authorizations:
path Parameters
interface required | string Name of the network interface. |
state required | string Enum: "enable" "disable" State of the VLAN trunk on the interface (enable or disable). |
Responses
Request samples
- CLI
# Example to enable VLAN trunk on eth0 curl -u "admin:pass" -X PUT \ "http://192.168.2.1/link/vlan/eth0/enable" # Example to disable VLAN trunk on eth0 curl -u "admin:pass" -X PUT \ "http://192.168.2.1/link/vlan/eth0/disable"
Get Version
Get latest tag from docker specified by the container parameter. If no container is specified version is fetched for superd
Authorizations:
query Parameters
container | string container to get version for |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/version"
Response samples
- 200
"0.1.23"
Retreive System Logs
Returns the output of journalctl in json format
Authorizations:
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/logs"
Response samples
- 200
[- {
- "CONTAINER_NAME": "superapi",
- "MESSAGE": "192.168.2.101:1234 GET /logs",
- "__REALTIME_TIMESTAMP": 1651066188615770
}
]
Get release settings
Returns an object with the current SPR version and Channel, Version settings
Authorizations:
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/release"
Response samples
- 200
{- "CustomChannel": "-dev",
- "CustomVersion": "0.1.2",
- "Current": "0.1.2-dev"
}
Set release settings
Set a custom Channel, Version to update into
Authorizations:
Request Body schema: application/json
CustomChannel | string |
CustomVersion | string |
Current | string |
Responses
Request samples
- Payload
- CLI
{- "CustomChannel": "-dev",
- "CustomVersion": "0.1.3"
}
Get releases available
Returns a list of tags available to update into
Authorizations:
path Parameters
container required | string Example: super_superd Container name |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/releaseChannels"
Response samples
- 200
[- "latest",
- "0.1.23",
- "0.1.23-dev"
]
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins"
Response samples
- 200
[- {
- "Name": "dns-block",
- "URI": "dns/block",
- "UnixPath": "/state/dns/dns_block_plugin",
- "Enabled": true,
- "Plus": false,
- "ComposeFilePath": "plugins/plugin/docker-compose.yml",
- "HasUI": true,
- "SandboxedUI": true,
- "InstallTokenPath": "/config/plugins/dns-block/install-token",
- "ScopedPaths": [
- "/config/plugins/dns-block",
- "/state/plugins/dns-block"
]
}
]
Add or Update Plugin
Add or update a plugin specified by the name parameter
Authorizations:
path Parameters
name required | string Example: dns-block plugin name |
Request Body schema: application/jsonrequired
PluginEntry to be added or updated
Name | string Plugin name |
URI | string Plugin URI |
UnixPath | string Plugin path for unix socket |
Enabled | boolean Plugin state |
Plus | boolean Indicates if this is a PLUS plugin |
GitURL | string Git repository URL for the plugin |
ComposeFilePath | string Relative path to docker compose file |
HasUI | boolean Indicates if the plugin has a user interface |
SandboxedUI | boolean Indicates if the plugin UI is sandboxed |
InstallTokenPath | string Path to the installation token |
ScopedPaths | Array of strings List of scoped paths for the plugin |
Responses
Request samples
- Payload
- CLI
{- "Name": "dns-block",
- "URI": "dns/block",
- "UnixPath": "/state/dns/dns_block_plugin",
- "Enabled": true,
- "Plus": false,
- "ComposeFilePath": "plugins/plugin/docker-compose.yml",
- "HasUI": true,
- "SandboxedUI": true,
- "InstallTokenPath": "/config/plugins/dns-block/install-token",
- "ScopedPaths": [
- "/config/plugins/dns-block",
- "/state/plugins/dns-block"
]
}
Update Custom Docker Compose Paths for plugins
Updates the permit list of docker compose files that can be launched from disk
Authorizations:
Request Body schema: application/jsonrequired
Responses
Request samples
- Payload
[- "string"
]
Get API Tokens
Get an array of all tokens
Authorizations:
Responses
Request samples
- CLI
curl -u "admin:pass" -H "X-JWT-OTP:..." \ "http://192.168.2.1/tokens"
Response samples
- 200
[- {
- "Name": "TestToken",
- "Token": "dG9rbnRva250b2tudG9rbnRva250b2tudG9rbnRva24K",
- "ScopedPaths": [
- "wifi"
], - "Expire": 1656440879
}
]
Add API Token
Create a new token. If Expire is 0 or undefined the Token will never expire
Authorizations:
Request Body schema: application/json
Expire | integer |
ScopedPaths | Array of strings |
Responses
Request samples
- Payload
- CLI
{- "Expire": 1656440879,
- "ScopedPaths": [
- "/status",
- "/docker/info"
]
}
Response samples
- 200
{- "Name": "TestToken",
- "Token": "dG9rbnRva250b2tudG9rbnRva250b2tudG9rbnRva24K",
- "ScopedPaths": [
- "wifi"
], - "Expire": 1656440879
}
Request samples
- CLI
curl -X GET "http://192.168.2.1/alerts"
Response samples
- 200
[- {
- "TopicPrefix": "string",
- "MatchAnyOne": true,
- "InvertRule": true,
- "Conditions": [
- {
- "JPath": "string"
}
], - "Actions": [
- {
- "SendNotification": true,
- "StoreAlert": true,
- "StoreTopicSuffix": "string",
- "MessageTitle": "string",
- "MessageBody": "string",
- "NotificationType": "string",
- "ActionType": "string",
- "GrabEvent": true,
- "GrabValues": true,
- "GrabFields": [
- "string"
]
}
], - "Name": "string",
- "Disabled": true,
- "RuleId": "string"
}
]
Add or Update Alerts
If an alert setting does not exist, it will be created, otherwise updated
Authorizations:
Request Body schema: application/jsonrequired
AlertSetting object that needs to be added
TopicPrefix | string |
MatchAnyOne | boolean |
InvertRule | boolean |
Array of objects (ConditionEntry) | |
Array of objects (ActionConfig) | |
Name | string |
Disabled | boolean |
RuleId | string |
Responses
Request samples
- Payload
- CLI
{- "TopicPrefix": "string",
- "MatchAnyOne": true,
- "InvertRule": true,
- "Conditions": [
- {
- "JPath": "string"
}
], - "Actions": [
- {
- "SendNotification": true,
- "StoreAlert": true,
- "StoreTopicSuffix": "string",
- "MessageTitle": "string",
- "MessageBody": "string",
- "NotificationType": "string",
- "ActionType": "string",
- "GrabEvent": true,
- "GrabValues": true,
- "GrabFields": [
- "string"
]
}
], - "Name": "string",
- "Disabled": true,
- "RuleId": "string"
}
Update Alert by Index
Update an alert setting at a specific index. If the alert setting does not exist at this index, it will be created. Fields are optional.
Authorizations:
Request Body schema: application/jsonrequired
AlertSetting object that needs to be added
TopicPrefix | string |
MatchAnyOne | boolean |
InvertRule | boolean |
Array of objects (ConditionEntry) | |
Array of objects (ActionConfig) | |
Name | string |
Disabled | boolean |
RuleId | string |
Responses
Request samples
- Payload
- CLI
{- "TopicPrefix": "string",
- "MatchAnyOne": true,
- "InvertRule": true,
- "Conditions": [
- {
- "JPath": "string"
}
], - "Actions": [
- {
- "SendNotification": true,
- "StoreAlert": true,
- "StoreTopicSuffix": "string",
- "MessageTitle": "string",
- "MessageBody": "string",
- "NotificationType": "string",
- "ActionType": "string",
- "GrabEvent": true,
- "GrabValues": true,
- "GrabFields": [
- "string"
]
}
], - "Name": "string",
- "Disabled": true,
- "RuleId": "string"
}
Configure OTP User
Updates an OTP user with the given details. If already registered, a valid code is required
Authorizations:
Request Body schema: application/jsonrequired
Name | string |
Code | string |
UpdateAlwaysOn | boolean |
AlwaysOn | boolean |
Responses
Request samples
- Payload
- CLI
{- "Name": "string",
- "Code": "string",
- "UpdateAlwaysOn": true,
- "AlwaysOn": true
}
Delete OTP User
Deletes an OTP user. Valid code required
Authorizations:
Request Body schema: application/jsonrequired
Name | string |
Code | string |
UpdateAlwaysOn | boolean |
AlwaysOn | boolean |
Responses
Request samples
- Payload
- CLI
{- "Name": "string",
- "Code": "string",
- "UpdateAlwaysOn": true,
- "AlwaysOn": true
}
Generate an OTP JWT
Validates the provided OTP user details and generates the X-JWT-OTP token
Authorizations:
Request Body schema: application/jsonrequired
Name | string |
Code | string |
UpdateAlwaysOn | boolean |
AlwaysOn | boolean |
Responses
Request samples
- Payload
- CLI
{- "Name": "string",
- "Code": "string",
- "UpdateAlwaysOn": true,
- "AlwaysOn": true
}
Response samples
- 200
"string"
Request samples
- CLI
curl -H "Authorization: Bearer [token]" -H "X-JWT-Token: [jwt-token]" \ "http://192.168.2.1/otp_status"
Response samples
- 200
{- "State": "string",
- "AlwaysOn": true
}
Start PLUS extension
Start a PLUS extension. Currently this is the pfw plugin
Authorizations:
query Parameters
name | string Example: name=pfw Name of plus extension |
Responses
Response samples
- 200
[- {
- "Conditions": {
- "Prefix": "drop:input",
- "Protocol": "tcp",
- "DstIP": "1.1.1.1",
- "DstPort": 80,
- "SrcIP": "192.168.2.10",
- "SrcPort": 1234
}, - "Notification": true
}
]
Stop PLUS extension
Stop a PLUS extension. Currently this is the pfw plugin
Authorizations:
query Parameters
name | string Example: name=pfw Name of plus extension |
Responses
Response samples
- 200
[- {
- "Conditions": {
- "Prefix": "drop:input",
- "Protocol": "tcp",
- "DstIP": "1.1.1.1",
- "DstPort": 80,
- "SrcIP": "192.168.2.10",
- "SrcPort": 1234
}, - "Notification": true
}
]
Add override domain
Add domain to be blocked/permitted by DNS
Authorizations:
Request Body schema: application/jsonrequired
DNSDomainOverride object that needs to be added
Type | string type of override (permit or block) |
Domain | string domain name to override |
ResultIP | string/^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$/ ip to return |
ClientIP | string/^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$/ target to apply to, '*' for all |
Expiration | integer if non zero has unix time for when the entry should disappear |
Responses
Request samples
- Payload
- CLI
{- "Type": "permit",
- "Domain": "example.com",
- "ResultIP": "1.2.3.4",
- "ClientIP": "192.168.2.102",
- "Expiration": 0
}
Delete override domain
Delete domain to be blocked/permitted by DNS
Authorizations:
Request Body schema: application/jsonrequired
DNSDomainOverride object that needs to be added
Type | string type of override (permit or block) |
Domain | string domain name to override |
ResultIP | string/^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$/ ip to return |
ClientIP | string/^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$/ target to apply to, '*' for all |
Expiration | integer if non zero has unix time for when the entry should disappear |
Responses
Request samples
- Payload
- CLI
{- "Type": "permit",
- "Domain": "example.com",
- "ResultIP": "1.2.3.4",
- "ClientIP": "192.168.2.102",
- "Expiration": 0
}
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/dns/block/blocklist"
Response samples
- 200
[
]
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/dns/log/config"
Response samples
- 200
[- {
- "HostPrivacyIPList": [
- "192.168.1.10"
]
}, - {
- "DomainIgnoreList": [
- "asdf.com",
- "asdf2.com",
- "test.com."
]
}
]
Retrieve recent DNS history for a given IP
Authorizations:
path Parameters
ip required | string Example: 1.1.1.1 ip address |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/dns/log/history/192.168.1.10"
Response samples
- 200
[- {
- "Q": [
- {
- "Name": "supernetworks.org.",
- "Qtype": 1,
- "Qclass": 1
}
], - "A": [
- {
- "Hdr": {
- "Name": "supernetworks.org.",
- "Rrtype": 1,
- "Class": 1,
- "Ttl": 30,
- "Rdlength": 4
}, - "A": "172.67.71.52"
}, - {
- "Hdr": {
- "Name": "supernetworks.org.",
- "Rrtype": 1,
- "Class": 1,
- "Ttl": 30,
- "Rdlength": 4
}, - "A": "104.26.7.38"
}, - {
- "Hdr": {
- "Name": "supernetworks.org.",
- "Rrtype": 1,
- "Class": 1,
- "Ttl": 30,
- "Rdlength": 4
}, - "A": "104.26.6.38"
}
], - "Type": "NOERROR",
- "FirstName": "supernetworks.org.",
- "FirstAnswer": "172.67.71.52",
- "Local": "[::]:53",
- "Remote": "127.0.0.1:60237",
- "Timestamp": "2022-03-28T21:47:49.563958-07:00"
}
]
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/wireguard/peers"
Response samples
- 200
[- {
- "PublicKey": "7SdFRh8o76RjUn/y4c7cQgCcCXA85s47/gVAdem3bBI=",
- "AllowedIPs": "192.168.3.3/32",
- "Endpoint": "192.168.2.1:51280",
- "PresharedKey": "w9bfMAfqRnLjnlHofX+JSzaRDADrW1tvyW1UWzXJjrg=",
- "PersistentKeepalive": 25
}
]
Peer
Creates a new peer
Authorizations:
Request Body schema: application/jsonoptional
Device object
PublicKey | string Base64 public key |
AllowedIPs | string Allowed IP address |
Endpoint | string Endpoint to connect to |
PresharedKey | any Preshared key |
PersistentKeepalive | integer Keepalive timeout |
Responses
Request samples
- Payload
- CLI
{- "PublicKey": "7SdFRh8o76RjUn/y4c7cQgCcCXA85s47/gVAdem3bBI=",
- "AllowedIPs": "192.168.3.3/32",
- "Endpoint": "192.168.2.1:51280",
- "PresharedKey": "w9bfMAfqRnLjnlHofX+JSzaRDADrW1tvyW1UWzXJjrg=",
- "PersistentKeepalive": 25
}
Response samples
- 200
{- "Interface": {
- "PrivateKey": "6KVVbcmXanU/6mByHy17eNO9DXe9BQJWOyaA204JYH4=",
- "Address": "192.168.3.3/24",
- "DNS": "1.1.1.1"
}, - "Peer": {
- "PublicKey": "7SdFRh8o76RjUn/y4c7cQgCcCXA85s47/gVAdem3bBI=",
- "AllowedIPs": "192.168.3.3/32",
- "Endpoint": "192.168.2.1:51280",
- "PresharedKey": "w9bfMAfqRnLjnlHofX+JSzaRDADrW1tvyW1UWzXJjrg=",
- "PersistentKeepalive": 25
}
}
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/wireguard/config"
Response samples
- 200
"[Interface]\nAddress = 192.168.3.1/24\nListenPort = 51280\nPrivateKey = 6KVVbcmXanU/6mByHy17eNO9DXe9BQJWOyaA204JYH4=\n\n[Peer]\nPublicKey = 7SdFRh8o76RjUn/y4c7cQgCcCXA85s47/gVAdem3bBI=\nPresharedKey = w9bfMAfqRnLjnlHofX+JSzaRDADrW1tvyW1UWzXJjrg=\nAllowedIPs = 192.168.3.2/32\n"
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/wireguard/status"
Response samples
- 200
{- "wg0": {
- "privateKey": "6KVVbcmXanU/6mByHy17eNO9DXe9BQJWOyaA204JYH4=",
- "publicKey": "7SdFRh8o76RjUn/y4c7cQgCcCXA85s47/gVAdem3bBI=",
- "listenPort": "51280,",
- "peers": {
- "HvtqvLJ1F33eHmR5Yk9PLZfTHg7w6sazPZtZi9u8pBQ=": {
- "presharedKey": "w9bfMAfqRnLjnlHofX+JSzaRDADrW1tvyW1UWzXJjrg=",
- "allowedIps": [
- "192.168.3.2/32"
]
}
}
}
}
IP ASN
Get ASN information for IP address
Authorizations:
path Parameters
ips required | string Example: 1.1.1.1,2.2.2.2 ip address list, separated by , |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/lookup/asn/1.1.1.1"
Response samples
- 200
{- "IP": "1.1.1.1",
- "ASN": 13335,
- "Name": "CLOUDFLARENET",
- "Country": "US"
}
IPs ASN
Get ASN information for IPs separated by ,
Authorizations:
path Parameters
ips required | string Example: 1.1.1.1,2.2.2.2 ip address list, separated by , |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/lookup/asns/1.1.1.1,8.8.8.8"
Response samples
- 200
[- {
- "IP": "1.1.1.1",
- "ASN": 13335,
- "Name": "CLOUDFLARENET",
- "Country": "US"
}
]
MAC OUI
Get OUI vendor information for MAC address
Authorizations:
path Parameters
mac required | string Example: 11:22:33:44:55:66 MAC address |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/lookup/oui/00:11:22:33:44:55"
Response samples
- 200
{- "MAC": "00:11:22:33:44:66",
- "Vendor": "CIMSYS"
}
MACs OUI
Get OUI vendor information for MACs separated by ,
Authorizations:
path Parameters
macs required | string Example: 00:11:22:33:44:66 MAC address list separated by , |
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/lookup/ouis/00:11:22:33:44:66"
Response samples
- 200
[- {
- "MAC": "00:11:22:33:44:66",
- "Vendor": "CIMSYS"
}
]
Get mesh configuration
Retrieves the current mesh network configuration
Authorizations:
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/mesh/config"
Response samples
- 200
{- "ParentCredentials": {
- "ParentIP": "string",
- "ParentAPIToken": "string",
- "ParentCA": "string"
}, - "LeafRouters": [
- {
- "APIToken": "string",
- "IP": "string",
- "TLSCA": "string"
}
]
}
Get list of leaf routers
Retrieves a list of all leaf routers the main router has configured
Authorizations:
Responses
Request samples
- CLI
curl -u "admin:pass" \ "http://192.168.2.1/plugins/mesh/leafRouters"
Response samples
- 200
[- {
- "APIToken": "string",
- "IP": "string",
- "TLSCA": "string"
}
]