Firewall
Firewall info
Request Structure: https://<puqvpnvp>/api/v1/firewall/info
Method: GET
Example:
curl \
-b "access_hash=7effe99173b87e9cdebdab66d6fb23c9b244af250cb09b5dd36d8f80d14a8510b2d00bcba7290252" \
-X GET https://dev.softkeel.com/api/v1/firewall/info
Response example:
{
"error" : "",
"msg" : {
"ip_forward" : "yes",
"iproute2" : "5.10.0-4",
"iptables" : "1.8.7-1"
},
"status" : "success"
}
Errors:
-Not authorized
Firewall conf
Request Structure: https://<puqvpnvp>/api/v1/firewall/conf
Method: GET
Example:
curl \
-b "access_hash=7effe99173b87e9cdebdab66d6fb23c9b244af250cb09b5dd36d8f80d14a8510b2d00bcba7290252" \
-X GET https://dev.softkeel.com/api/v1/firewall/conf
Response example:
{
"error" : "",
"msg" : {
"internal_traffic" : false,
"ip_forward" : false,
"policy_forward" : "ACCEPT",
"policy_input" : "ACCEPT",
"policy_output" : "ACCEPT"
},
"status" : "success"
}
Errors:
-Not authorized
Firewall change conf
Request Structure: https://<puqvpnvp>/api/v1/firewall/conf
Cookie: access_hash=<access_hash>
Method: PUT
PUT data:
"internal_traffic" = false|true
"ip_forward" = false|true
"policy_forward" = "ACCEPT"|"DROP"
"policy_input" = "ACCEPT"|"DROP"
"policy_output" = "ACCEPT"|"DROP"
Example:
curl \
-b "access_hash=7effe99173b87e9cdebdab66d6fb23c9b244af250cb09b5dd36d8f80d14a8510b2d00bcba7290252" \
-d "ip_forward=1&internal_traffic=1&policy_forward=ACCEPT&policy_input=ACCEPT&policy_output=ACCEPT" \
-X PUT https://dev.softkeel.com/api/v1/firewall/conf
Response example:
{
"error" : "",
"msg" : "success",
"status" : "success"
}
Errors:
-Wrong parameter: INPUT policy, should be: ACCEPT or DROP
-Wrong parameter: FORWARD policy, should be: ACCEPT or DROP
-Wrong parameter: OUTPUT policy, should be: ACCEPT or DROP
Firewall rules FILTER
Request Structure: https://<puqvpnvp>/api/v1/firewall/rules/filter
Method: GET
Example:
curl \
-b "access_hash=7effe99173b87e9cdebdab66d6fb23c9b244af250cb09b5dd36d8f80d14a8510b2d00bcba7290252" \
-X GET https://dev.softkeel.com/api/v1/firewall/rules/filter
Response example:
{
"error" : "",
"msg" : [
{
"action" : "ACCEPT",
"chain" : "INPUT",
"d_ip" : "0.0.0.0/0",
"d_port" : "8098",
"name" : "system_PUQVPNCP",
"protocol" : "TCP",
"s_ip" : "0.0.0.0/0",
"s_port" : "0"
},
{
"action" : "DROP",
"chain" : "INPUT",
"d_ip" : "0.0.0.0/0",
"d_port" : "23",
"name" : "TEST",
"protocol" : "TCP",
"s_ip" : "0.0.0.0/0",
"s_port" : "0"
}
],
"status" : "success"
}
Errors:
-Not authorized
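The following audit of the "Firewall conf" and "Firewall rules FILTER" responses is an added example, not part of the PUQVPNCP documentation or code. It flags permissive default policies and ACCEPT rules open to any source; the function names are hypothetical, and treating any "status" other than "success" as a failed call is an assumption.

```python
import ipaddress
import json

# Constructed sample input: the two response bodies shown in this document.
CONF = json.loads("""{"error": "", "msg": {"internal_traffic": false,
 "ip_forward": false, "policy_forward": "ACCEPT", "policy_input": "ACCEPT",
 "policy_output": "ACCEPT"}, "status": "success"}""")
RULES = json.loads("""{"error": "", "msg": [
 {"action": "ACCEPT", "chain": "INPUT", "d_ip": "0.0.0.0/0", "d_port": "8098",
  "name": "system_PUQVPNCP", "protocol": "TCP", "s_ip": "0.0.0.0/0", "s_port": "0"},
 {"action": "DROP", "chain": "INPUT", "d_ip": "0.0.0.0/0", "d_port": "23",
  "name": "TEST", "protocol": "TCP", "s_ip": "0.0.0.0/0", "s_port": "0"}],
 "status": "success"}""")

def payload(resp):
    """Return "msg" from a response; assumes failures have status != "success"."""
    if resp.get("status") != "success":
        raise ValueError(resp.get("error") or "request failed")
    return resp["msg"]

def audit(conf_resp, rules_resp):
    """List findings: permissive default policies and world-reachable ACCEPT rules."""
    conf, rules = payload(conf_resp), payload(rules_resp)
    findings = []
    for key in ("policy_input", "policy_forward"):
        if conf.get(key) != "DROP":
            findings.append(f"{key} is {conf.get(key)}: unmatched packets are allowed")
    for r in rules:
        src = ipaddress.ip_network(r["s_ip"], strict=False)
        if r["action"] == "ACCEPT" and src.prefixlen == 0:
            findings.append(f"rule {r['name']}: {r['protocol']} port {r['d_port']} "
                            f"on {r['chain']} accepts any source")
    # With an ACCEPT default policy, INPUT is filtered only where a DROP rule exists.
    if conf.get("policy_input") == "ACCEPT":
        dropped = sorted(r["d_port"] for r in rules
                         if r["chain"] == "INPUT" and r["action"] == "DROP")
        findings.append(f"INPUT filters only ports {dropped}; everything else is open")
    return findings

if __name__ == "__main__":
    for line in audit(CONF, RULES):
        print(line)
```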
Firewall FILTER add rule
To add the rule at the top of the list:
Request Structure: https://<puqvpnvp>/api/v1/firewall/rules/filter/top
To add the rule at the end of the list:
Request Structure: https://<puqvpnvp>/api/v1/firewall/rules/filter/end
Method: POST
POST data:
"name" = "NAME"
"action" = "ACCEPT"|"DROP"
"chain" = "INPUT"|
"d_ip" = "CIDR format"
"d_port" = "0-65535"
"protocol" = "TCP"|"UDP"|"ICMP"|"ANY"
"s_ip" = "CIDR format"
"s_port" = "0-65535"
Example:
curl \
-b "access_hash=7effe99173b87e9cdebdab66d6fb23c9b244af250cb09b5dd36d8f80d14a8510b2d00bcba7290252" \
-d "action=ACCEPT&\
chain=INPUT&\
d_ip=0.0.0.0/0&\
d_port=22&\
name=TEST_SSH_OPEN&\
protocol=TCP&\
s_ip=0.0.0.0/0&\
s_port=0" \
-X POST https://dev.softkeel.com/api/v1/firewall/rules/filter/top
Response example:
{
"error" : "",
"msg" : "success",
"status" : "success"
}
Errors:
-Wrong rule name. Must be letters and numbers only
-A rule with the same name already exists
-Not correct Chain
-Destination IP must be in CIDR format
-Source IP must be in CIDR format
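A client-side pre-flight check for the POST data above, as an added example that is not part of the PUQVPNCP documentation or code. It reuses the documented error strings where they exist; the function names are hypothetical, and accepting underscores in names, accepting only the INPUT chain, and requiring IPv4 prefix notation are assumptions drawn from the examples shown here.

```python
import ipaddress
import re
from urllib.parse import urlencode

ACTIONS = {"ACCEPT", "DROP"}
PROTOCOLS = {"TCP", "UDP", "ICMP", "ANY"}
CHAINS = {"INPUT"}  # the only chain value visible in the document
# Assumption: underscores are accepted, as in the TEST_SSH_OPEN example above.
NAME_RE = re.compile(r"[A-Za-z0-9_]+")

def is_cidr(value):
    """True for IPv4 prefix notation such as 0.0.0.0/0 (IPv4 only is an assumption)."""
    if not isinstance(value, str) or "/" not in value:
        return False
    try:
        ipaddress.IPv4Network(value, strict=False)
        return True
    except ValueError:
        return False

def is_port(value):
    text = str(value)
    return bool(re.fullmatch(r"[0-9]{1,5}", text)) and int(text) <= 65535

def check_rule(rule, existing_names=()):
    """Return a list of problems; an empty list means the rule can be sent."""
    errors = []
    if not NAME_RE.fullmatch(str(rule.get("name", ""))):
        errors.append("Wrong rule name. Must be letters and numbers only")
    elif rule["name"] in existing_names:
        errors.append("A rule with the same name already exists")
    if rule.get("chain") not in CHAINS:
        errors.append("Not correct Chain")
    if not is_cidr(rule.get("d_ip")):
        errors.append("Destination IP must be in CIDR format")
    if not is_cidr(rule.get("s_ip")):
        errors.append("Source IP must be in CIDR format")
    if rule.get("action") not in ACTIONS or rule.get("protocol") not in PROTOCOLS:
        errors.append("action or protocol is not one of the documented values")
    errors += [f"{k} must be 0-65535" for k in ("d_port", "s_port")
               if not is_port(rule.get(k, ""))]
    return errors

def form_body(rule, existing_names=()):
    """URL-encode the rule for the POST body, refusing anything that fails the checks."""
    problems = check_rule(rule, existing_names)
    if problems:
        raise ValueError("; ".join(problems))
    return urlencode(rule)
```

Pass the names returned by the "Firewall rules FILTER" request as existing_names to catch duplicates before sending.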
Firewall FILTER delete rule
Request Structure: https://<puqvpnvp>/api/v1/firewall/rules/filter/<rule_name>
Method: DELETE
Example:
curl \
-b "access_hash=7effe99173b87e9cdebdab66d6fb23c9b244af250cb09b5dd36d8f80d14a8510b2d00bcba7290252" \
-X DELETE https://dev.softkeel.com/api/v1/firewall/rules/filter/TEST_SSH_OPEN
Response example:
{
"error" : "",
"msg" : "success",
"status" : "success"
}
Errors:
-No rule found with given name
-You cannot delete this rule. ONLY name=system_PUQVPNCP
Firewall rules NAT
Request Structure: https://<puqvpnvp>/api/v1/firewall/rules/nat
Method: GET
Example:
curl \
-b "access_hash=7effe99173b87e9cdebdab66d6fb23c9b244af250cb09b5dd36d8f80d14a8510b2d00bcba7290252" \
-X GET https://dev.softkeel.com/api/v1/firewall/rules/nat
Response example:
{
"error" : "",
"msg" : [
{
"action" : "SNAT",
"chain" : "POSTROUTING",
"d_ip" : "0.0.0.0/0",
"name" : "Default_144_wg144",
"s_ip" : "10.0.143.0/24",
"to-source" : "77.87.125.200"
},
{
"action" : "SNAT",
"chain" : "POSTROUTING",
"d_ip" : "0.0.0.0/0",
"name" : "Default_153_wg153",
"s_ip" : "10.0.152.0/24",
"to-source" : "77.87.125.200"
},
{
"action" : "SNAT",
"chain" : "POSTROUTING",
"d_ip" : "0.0.0.0/0",
"name" : "Default_44_wg44",
"s_ip" : "10.0.43.0/24",
"to-source" : "77.87.125.200"
},
{
"action" : "SNAT",
"chain" : "POSTROUTING",
"d_ip" : "0.0.0.0/0",
"name" : "Default_53_wg53",
"s_ip" : "10.0.52.0/24",
"to-source" : "77.87.125.200"
}
],
"status" : "success"
}
Errors:
-Not authorized
Firewall rules MANGLE
Request Structure: https://<puqvpnvp>/api/v1/firewall/rules/mangle
Method: GET
Example:
curl \
-b "access_hash=7effe99173b87e9cdebdab66d6fb23c9b244af250cb09b5dd36d8f80d14a8510b2d00bcba7290252" \
-X GET https://dev.softkeel.com/api/v1/firewall/rules/mangle
Response example:
{
"error" : "",
"msg" : [
{
"action" : "MARK",
"chain" : "FORWARD",
"d_ip" : "0.0.0.0/0",
"name" : "src_peer_121_user_122",
"s_ip" : "10.0.118.3",
"set-mark" : "227"
},
{
"action" : "MARK",
"chain" : "FORWARD",
"d_ip" : "10.0.118.4",
"name" : "dst_peer_122_user_123",
"s_ip" : "0.0.0.0/0",
"set-mark" : "228"
},
{
"action" : "MARK",
"chain" : "FORWARD",
"d_ip" : "0.0.0.0/0",
"name" : "src_peer_122_user_123",
"s_ip" : "10.0.118.4",
"set-mark" : "228"
}
],
"status" : "success"
}
Errors:
-Not authorized