...
Request Parameters: same with GETPUT's response request
- Request Example: same with GETPUT's response example
Response
...
Request Parameters
Name In Type Description rule-name path string rule name policy body string policy used for the rule src_ip body string (optional) source ip address src_port body string (optional) source port or port range dest_ip body string (optional) destination ip address dest_port body string (optional) destination port or port range proto body string (optional) protocol for the rule. Valid values: "tcp", "udp", "icmp", "all" family body string (optional) address family. Valid values: "ipv4", "ipv6", "all" sticky body string (optional) default: 0, allow traffic from the same source ip address within the timeout limit to use same wan interface as prior session timeout body int (optional) default: 600, Stickiness timeout value in seconds - Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/rules/default_rule
{
"dest_ip": "0.0.0.0/0",
"policy": "balanced"
}
...
Request Parameters: same with GETPUT's response request
- Request Example: same with GETPUT's response example
Response
...
Request Parameters:
Name In Type Description zone-name path string zone name {other params} body same with GET response - Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/zones/wan
{
"network":"wan",
"input": "REJECT",
"output": "ACCEPT",
"forward": "REJECT",
"masq": "1",
"mtu_fix": "1"
}
...
- Normal response codes: 200
Response Parameters
Name In Type Description redirects body array a list of defined redirects - Response Example
{
"redirects": [{
"name":"DNAT-LANdnat_lan",
"src":"wan",
"src_dport":"19900",
"dest":"lan",
"dest_ip":"192.168.1.1",
"dest_port":"22",
"proto":"tcp",
"target":"DNAT"}
]
}
...
- Normal response codes: 200
- Error response code: 404
Response Parameters
Name In Type Description name body string (Required) forwarding name src body string (Required for DNAT) traffic source zone src_ip body string Match incoming traffic from the specified source ip address. src_dip body string (Required for SNAT) For DNAT, match incoming traffic directed at the given destination ip address. For SNAT rewrite the source address to the given address. src_mac body string Match incoming traffic from the specified mac address. src_port body port or range Match incoming traffic originating from the given source port or port range on the client host. src_dport body port or range For DNAT, match incoming traffic directed at the given destination port or port range on this host. For SNAT rewrite the source ports to the given value. proto body string Match incoming traffic using the given protocol. Can be one of tcp
,udp
,tcpudp
,udplite
,icmp
,esp
,ah
,sctp
, orall
dest body string Specifies the traffic destination zone. Must refer to one of the defined zone names. dest_ip body string For DNAT, redirect matches incoming traffic to the specified internal host. For SNAT, it matches traffic directed at the given address. dest_port body port or range For DNAT, redirect matched incoming traffic to the given port on the internal host. For SNAT, match traffic directed at the given ports. mark body string match traffic against the given firewall mark target body string (Required) NAT target: SNAT, DNAT family body string Protocol family ( ipv4
,ipv6
orany
) to generate iptables rules for- Response Example
{
"name":"DNAT-LANdnat_lan",
"src":"wan",
"src_dport":"19900",
"dest":"lan",
"dest_ip":"192.168.1.1",
"dest_port":"22",
"proto":"tcp",
"target":"DNAT"}
...
Request Parameters: same with GETPUT's response request
- Request Example: same with GETPUT's response example
Response
...
Request Parameters:
Name In Type Description redirect-name path string redirect name {other params} body same with GET response - Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/redirects/dnat_lan
{
"src":"wan",
"src_dport":"19900",
"dest":"lan",
"dest_ip":"192.168.1.1",
"dest_port":"22",
"proto":"tcp",
"target":"DNAT"}
...
- Normal response codes: 200
Response Parameters
Name In Type Description rules body array a list of defined rules - Response Example
{
"rules": [{
"name":"REJECTreject_LANlan_80"
"src":"lan",
"src_ip": "192.168.1.2",
"src_port": "80",
"proto":"tcp",
"target":"REJECT"
}
]
}
...
- Normal response codes: 200
- Error response code: 404
Response Parameters
Name In Type Description name body string (Required) rule name src body string (Required) traffic source zone src_ip body string Match incoming traffic from the specified source ip address src_mac body string Match incoming traffic from the specified mac address src_port body port or range Match incoming traffic from the specified source port or port range proto body string Match incoming traffic using the given protocol. Can be one of tcp
,udp
,tcpudp
,udplite
,icmp
,esp
,ah
,sctp
, orall
icmp_type body string For protocol icmp
select specific icmp types to match.dest body string traffic destination zone. Must refer to one of the defined zone names, or * for any zone dest_ip body string Match incoming traffic directed to the specified destination ip address dest_port body port or range Match incoming traffic directed at the given destination port or port range mark body string If specified, match traffic against the given firewall mark target body string (Required) Firewall action ( ACCEPT
,REJECT
,DROP
,MARK
,NOTRACK
) for matched trafficset_mark body string Zeroes out the bits given by mask and ORs value into the packet mark. set_xmark body string Zeroes out the bits given by mask and XORs value into the packet mark family body string Protocol family ( ipv4
,ipv6
orany
) to generate iptables rules forextra body string Extra arguments to pass to iptables. Useful mainly to specify additional match options, such as -m policy --dir in
for IPsec.- Response Example
{
"name":"REJECTreject_LANlan_80"
"src":"lan",
"src_ip": "192.168.1.2",
"src_port": "80",
"proto":"tcp",
"target":"REJECT"
}
...
Request Parameters: same with GETPUT's response request
- Request Example: same with GETPUT's response example
Response
...
Request Parameters:
Name In Type Description rule-name path string rule name {other params} body same with GET response - Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/rules/reject_lan_80
{
"src":"lan",
"src_ip": "192.168.1.2",
"src_port": "80",
"proto":"tcp",
"target":"REJECT"
}
...
- Normal response codes: 200
Response Parameters
Name In Type Description forwardings body array a list of defined forwardings - Response Example
{
"forwardings": [{
"name":"lan-_wan",
"src":"lan",
"dest": "wan"
}
]
}
...
- Normal response codes: 200
- Error response code: 404
Response Parameters
Name In Type Description name body string (Required) forwarding name src body string (Required) traffic source zone dest body string (Required) traffic destination zone family body string Protocol family ( ipv4
,ipv6
orany
) to generate iptables rules for.- Response Example
{
"name":"lan-_wan",
"src":"lan",
"dest": "wan"
}
...
Request Parameters: same with GETPUT's response request
- Request Example: same with GETPUT's response example
Response
...
Request Parameters:
Name In Type Description forwarding-name path string forwarding name {other params} body same with GET response - Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/forwardings/lan_wan
{
"src":"lan",
"dest": "wan"
}
...