Page Comparison

...

SD-EWAN MWAN3 CNF API provides support to get/create/update/delete MWAN3 Rule, Policy (with Member).

MWAN3 Policy

GET POST /cgi-bin/luci/sdewan/mwan3/v1/policies

Lists all defined policies

Request: N/A

create a new policy

Request:

Request Parameters: same with PUT's response request
Request Example: same with PUT's response example

Response

Normal response codes: 200

Response Parameters

Name

In

Type

Description

policies

body

array

a list of defined policies

Response Example

{
"policies": [

{

"name":"balanced",

"members": [

{

"interface": "net1",

"metric" 1,

"weight": 2

}

{

"interface": "net2",

"metric" 1,

"weight": 1

}

]

}

]
}

...

201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/mwan3/v1/policies/{policy-name}

update a policy

Request:

Request Parameters:

Name	In	Type	Description
policy-name	path	string	policy name
members	body	array	policy members
interface	body	string	member interface name
metric	body	int	(optional) default: 1, members within one policy with a lower metric have precedence over higher metric members
weight	body	int	(optional) default: 1, members with same metric will distribute load based on this weight value

Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/policies/balanced
{

...

Get a policy

Request: N/A

Request Parameters

policy name

Name

In

Type

Description

policy-name

path

string

"members": [

{

"interface": "net1",

"metric" 1,

"weight": 2

}

{

"interface": "net2",

"metric" 1,

"weight": 1

}

]

}

Response

Normal response codes: 200204
Error response codecodes: 400, 401, 404

GET /cgi-bin/luci/sdewan/mwan3/v1/policies

Lists all defined policies

Request: N/A

Response

Normal response codes: 200
Response Parameters
Name In Type Description
name
policies body
stringpolicy namemembersbodyarraypolicy membersinterfacebodystringmember interface namemetricbodyint(optional) default: 1, members within one policy with a lower metric have precedence over higher metric membersweightbodyint(optional) default: 1, members with same metric will distribute load based on this weight value
Response Example
{
      "name": "balanced",
       "members": [
       {
               "interface": "net1",
               "metric" 1,
               "weight": 2
          }
            {
                "interface": "net2",
                "metric" 1,
                 "weight": 1
        }
       ]
}

...

array a list of defined policies

Response Example

{
"policies": [

{

"name":"balanced",

"members": [

{

"interface": "net1",

"metric" 1,

"weight": 2

}

{

"interface": "net2",

"metric" 1,

"weight": 1

}

]

}

]
}

GET /cgi-bin/luci/sdewan/mwan3/v1/policiescreate a new /{policy-name}

Get a policy

Request: N/A

Request Parameters: same with PUT's response request
Request Example: same with PUT's response example
Name In Type Description
policy-name path string policy name

Response

Normal response codes: 201200
Error response codescode: 400, 401

PUT /cgi-bin/luci/sdewan/mwan3/v1/policies/{policy-name}

update a policy

Request:

Request Parameters:

404

Response Parameters

Name	In	Type	Description

policy-

name

path

body	string	policy name
members	body	array	policy members
interface	body	string	member interface name
metric	body	int	(optional) default: 1, members within one policy with a lower metric have precedence over higher metric members
weight	body	int	(optional) default: 1, members with same metric will distribute load based on this weight value

Normal response codes: 204

Error response codes: 400, 401, 404

Request Example

PUT /cgi-bin/luci/sdewan/mwan3/v1/policies/balanced

{

Response Example

{

"name": "balanced",

"members": [

{

"interface": "net1",

"metric" 1,

"weight": 2

}

{

"interface": "net2",

"metric" 1,

"weight": 1

}

]

}

Response

DELETE /cgi-bin/luci/sdewan/mwan3/v1/policies/{policy-name}

...

Normal response codes: 200
Error response codes: 401, 404

MWAN3 Rule

GET POST /cgi-bin/luci/sdewan/mwan3/v1/rulesLists all defined rules

create a new rule

Request: N/A

Response

...

Request Parameters: same with PUT's response request
Request Example: same with PUT's response example

Response

Normal response codes: 201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/mwan3/v1/rules/{rule-name}

update a policy

Request:

Request Parameters

Response

Normal response codes: 200
Error response code: 404
Response Parameters
Name In Type Description
rules
rule-name
body
path
arraya list of defined rules
Response Example
{
"rules": [
        {
            "name":"default_rule",
            "dest_ip": "0.0.0.0/0"，
            "policy": "balanced"
        }
     ]
}

GET /cgi-bin/luci/sdewan/mwan3/v1/rules/{rule-name}

Get a rule

Request: N/A

Request Parameters

...

family

Name	In	Type	Description
name	body	string	rule name
policy	body	string	policy used for the rule
src_ip	body	string	(optional) source ip address
src_port	body	string	(optional) source port or port range
dest_ip	body	string	(optional) destination ip address
dest_port	body	string	(optional) destination port or port range
proto	body	string	(optional) protocol for the rule. Valid values: "tcp", "udp", "icmp", "all"
string	rule name
policy	body	string	policy used for the rule
src_ip	body	string	(optional) source ip address
src_port	body	string	(optional) source port or port range
dest_ip	body	string	(optional) destination ip address
dest_port	body	string	(optional) destination port or port range
proto	body	string	(optional) protocol for the rule. Valid values: "tcp", "udp", "icmp", "all"
family	body	string	(optional) address family. Valid values: "ipv4", "ipv6", "all"
sticky	body	string	(optional) address family. Valid values: "ipv4", "ipv6", "all"	sticky	body	string	(optional) defaultdefault: 0, allow traffic from the same source ip address within the timeout limit to use same wan interface as prior session
timeout	body	int	(optional) default: 600, Stickiness timeout value in seconds

Response Example
#ipv4 example
{
    "name":"default_rule",Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/rules/default_rule
{
    "dest_ip": "0.0.0.0/0"，
     "policy": "balanced"
}
#ipv6 example
{
    "name":"default_ipv6_rule",
    "dest_ip": "fdca:f00:ba3::/64"，
     "policy": "balanced"
}

POST Response

Normal response codes: 204
Error response codes: 400, 401, 404

GET /cgi-bin/luci/sdewan/mwan3/v1/rules

create a new ruleLists all defined rules

Request:

...

Request Parameters: same with PUT's response request

...

Response

Normal response codes: 201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/mwan3/v1/rules/{rule-name}

update a policy

Request:

...

N/A

Response

Normal response codes: 200
Response Parameters
Name In Type Description
rule-name
rules
path
body
stringrule namepolicybodystringpolicy used for the rulesrc_ipbodystring(optional) source ip addresssrc_portbodystring(optional) source port or port rangedest_ipbodystring(optional) destination ip addressdest_portbodystring(optional) destination port or port rangeprotobody string (optional) protocol for the rule. Valid values: "tcp", "udp", "icmp", "all"familybody string (optional) address family. Valid values: "ipv4", "ipv6", "all" sticky
array a list of defined rules
Response Example

{
"rules": [
        {
            "name":"default_rule",
            "dest_ip": "0.0.0.0/0"，
            "policy": "balanced"
        }
     ]
}

GET /cgi-bin/luci/sdewan/mwan3/v1/rules/{rule-name}

Get a rule

Request: N/A

Request Parameters
Name In Type Description
rule-name path string rule name

Response

Normal response codes: 200
Error response code: 404

Response Parameters

Name	In	Type	Description
name	body	string	rule name
policy	body	string	policy used for the rule
src_ip	body	string	(optional) source ip address
src_port	body	string	(optional) source port or port range
dest_ip	body	string	(optional) destination ip address
dest_port	body	string	(optional) destination port or port range
proto	body	string	(optional) protocol for the rule. Valid values: "tcp", "udp", "icmp", "all"
family	body	string	(optional)

default

address family. Valid values: "ipv4", "ipv6", "all"
sticky	body	string	(optional) default: 0, allow traffic from the same source ip address within the timeout limit to use same wan interface as prior session
timeout	body	int	(optional) default: 600, Stickiness timeout value in seconds

Normal response codes: 204

Error response codes: 400, 401, 404

Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/rules/default_rule
{Response Example

#ipv4 example
{
    "name":"default_rule",
    "dest_ip": "0.0.0.0/0"，
     "policy": "balanced"
}

Response

#ipv6 example
{
    "name":"default_ipv6_rule",
    "dest_ip": "fdca:f00:ba3::/64"，
     "policy": "balanced"
}

DELETE /cgi-bin/luci/sdewan/mwan3/v1/rules/{rule-name}

...

SD-EWAN Firewall API provides support to get/create/update/delete Firewall Zone, Redirect, Rule and Forwardings

Zone

GET POST /cgi-bin/luci/sdewan/firewall/v1/zonesLists all defined zones

create a new zone

Request: N/A

Response

...

Request Parameters: same with PUT's response request
Request Example: same with PUT's response example

Response

Normal response codes: 201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/firewall/v1/zones/{zone-name}

update a zone

Request:

Request Parameters:
zonesbody
Name In Type Description
zone-name path array a list of defined zones
Response Example
{
"zones": [
        {
            "name":"wan"，

string zone name
{other params} body
same with GET response

Request Example

PUT /cgi-bin/luci/sdewan/mwan3/v1/zones/wan

{

"network":"wan"，

"input": "REJECT"，

"output": "ACCEPT"，

"forward": "REJECT"，

"masq": "1"，

"mtu_fix": "1"

}

]

}

Response

Normal response codes: 204
Error response codes: 400, 401, 404

GET /cgi-bin/luci/sdewan/firewall/v1/zones/{zone-name}

Get a zone

Lists all defined zones

Request: N/A

Request Parameters

...

Response

Normal response codes: 200Error response code: 404
Response Parameters
Name In Type Description
namenetworkbody
zones body
string(Required) zone name
array
List of interfaces attached to this zonemasqbodybooleanSpecifies whether outgoing zone traffic should be masqueraded. "0" or "1"masq_srcbodystringLimit masquerading to the given source subnets.masq_destbodystringLimit masquerading to the given destination subnetsmasq_allow_invalidbodybooleanwhether add DROP INVALID rules mtu_fix bodybooleanEnable MSS clamping for outgoing zone traffic input body string Default policy (ACCEPT, REJECT, DROP) for incoming zone traffic. forward body string Default policy (ACCEPT, REJECT, DROP) for forwarded zone traffic. outputbody string Default policy (ACCEPT, REJECT, DROP) for output zone traffic. family body string The protocol family (ipv4, ipv6 or any) these iptables rules are for. subnet body string List of IP subnets attached to this zone extra_src body string Extra arguments passed directly to iptables for source classification rules. etra_dest body string Extra arguments passed directly to iptables for destination classification rules.
Response Example
{
      "name":"wan",
       "network":"wan"，
       "input": "REJECT"，
       "output": "ACCEPT"，
      "forward": "REJECT"，
       "masq": "1"，
       "mtu_fix": "1"，
}

POST /cgi-bin/luci/sdewan/firewall/v1/zones

create a new zone

Request:

...

Request Parameters: same with PUT's response request

...

Response

Normal response codes: 201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/firewall/v1/zones/{zone-name}

update a zone

Request:

Request Parameters:
NameInTypeDescriptionzone-namepathstringzone name{other params}bodysame with GET responseRequest Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/zones/wan
{
"
a list of defined zones

Response Example

{
"zones": [

{

"name":"wan"，

"network":"wan"，

"input": "REJECT"，

"output": "ACCEPT"，

"forward": "REJECT"，

"masq": "1"，

"mtu_fix": "1"

}

]

}

GET /cgi-bin/luci/sdewan/firewall/v1/zones/{zone-name}

Get a zone

Request: N/A

Request Parameters
Name In Type Description
zone-name path string zone name

Response

Normal response codes: 200
Error response code: 404

Response Parameters

Name	In	Type	Description
name	body	string	(Required) zone name
network	body	array	List of interfaces attached to this zone
masq	body	boolean	Specifies whether outgoing zone traffic should be masqueraded. "0" or "1"
masq_src	body	string	Limit masquerading to the given source subnets.
masq_dest	body	string	Limit masquerading to the given destination subnets
masq_allow_invalid	body	boolean	whether add `DROP INVALID` rules
mtu_fix	body	boolean	Enable MSS clamping for outgoing zone traffic
input	body	string	Default policy (`ACCEPT`, `REJECT`, `DROP`) for incoming zone traffic.
forward	body	string	Default policy (`ACCEPT`, `REJECT`, `DROP`) for forwarded zone traffic.
output	body	string	Default policy (`ACCEPT`, `REJECT`, `DROP`) for output zone traffic.
family	body	string	The protocol family (`ipv4`, `ipv6` or `any`) these iptables rules are for.
subnet	body	string	List of IP subnets attached to this zone
extra_src	body	string	Extra arguments passed directly to iptables for source classification rules.
etra_dest	body	string	Extra arguments passed directly to iptables for destination classification rules.

Normal response codes: 204

Response Example

{

"name":"wan",

"network":"wan"，

"input": "REJECT"，

"output": "ACCEPT"，

"forward": "REJECT"，

"masq": "1"，

"mtu_fix": "1"，

}

Response

Error response codes: 400, 401, 404

DELETE /cgi-bin/luci/sdewan/firewall/v1/zones/{zone-name}

...

Normal response codes: 200
Error response codes: 401, 404

Redirect

GET POST /cgi-bin/luci/sdewan/firewall/v1/redirects

Lists all defined redirects

Request: N/A

create a new redirect

Request:

Request Parameters: same with PUT's response request
Request Example: same with PUT's response example

Response

Normal response codes: 200

Response Parameters

201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/firewall/v1/redirects/{redirect-name}

update a redirect

Request:

Request Parameters:
redirectsbody
Name In Type Description
redirect-name path array a list of defined redirects
Response Example
{
"redirects": [
        {
           "name":"dnat_lan",

string redirect name
{other params} body
same with GET response

Request Example

PUT /cgi-bin/luci/sdewan/mwan3/v1/redirects/dnat_lan

{

    "src":"wan",
                "src_dport":"19900",
                "dest":"lan",
              "dest_ip":"192.168.1.1",
                "dest_port":"22",
                "proto":"tcp",
              "target":"DNAT"

}

]

}

Response

Normal response codes: 204
Error response codes: 400, 401, 404

GET /cgi-bin/luci/sdewan/firewall/v1/redirects/{redirect-name}Get a redirect

Lists all defined redirects

Request: N/A

Request Parameters

...

Response

Normal response codes: 200Error response code: 404
Response Parameters
Name In Type Description
name
redirects body
string(Required) forwarding namesrcbodystring(Required for DNAT) traffic source zonesrc_ipbodystringMatch incoming traffic from the specified source ip address.src_dipbodystring(Required for SNAT) For DNAT, match incoming traffic directed at the given destination ip address. For SNAT rewrite the source address to the given address.src_macbody string Match incoming traffic from the specified mac address. src_port body port or range Match incoming traffic originating from the given source port or port range on the client host.src_dport body port or range
array a list of defined redirects

Response Example

{
"redirects": [

{

           "name":"dnat_lan",
           "src":"wan",
            "src_dport":"19900",
            "dest":"lan",
          "dest_ip":"192.168.1.1",
            "dest_port":"22",
            "proto":"tcp",
          "target":"DNAT"

}

]

}

GET /cgi-bin/luci/sdewan/firewall/v1/redirects/{redirect-name}

Get a redirect

Request: N/A

Request Parameters
Name In Type Description
redirect-name path string redirect name

Response

Normal response codes: 200
Error response code: 404

Response Parameters

Name	In	Type	Description
name	body	string	(Required) forwarding name
src	body	string	(Required for DNAT) traffic source zone
src_ip	body	string	Match incoming traffic from the specified source ip address.
src_dip	body	string	(Required for SNAT) For DNAT, match incoming traffic directed at the given destination

port or port range on this host

ip address. For SNAT rewrite the source

ports

address to the given

value

address.

proto body string Match incoming traffic using the given protocol. Can be one of tcp, udp, tcpudp, udplite, icmp, esp, ah, sctp, or all dest


src_mac	body	string

Specifies the traffic destination zone. Must refer to one of the defined zone names

Match incoming traffic from the specified mac address.

dest

src_

ip

port

body

string For DNAT, redirect matches incoming traffic to the specified internal host. For SNAT, it matches traffic directed at the given address. dest_port body

port or range	Match incoming traffic originating from the given source port or port range on the client host.
src_dport	body	port or range	For DNAT,

redirect matched

match incoming traffic

to the given port on the internal

directed at the given destination port or port range on this host. For SNAT

, match traffic directed at

rewrite the source ports to the given

ports

value.

mark body string match traffic against the given firewall mark target body string (Required) NAT target: SNAT, DNATfamily body string Protocol family (ipv4, ipv6 or any) to generate iptables rules for

Response Example

{

    "name":"dnat_lan",
    "src":"wan",
    "src_dport":"19900",
    "dest":"lan",
    "dest_ip":"192.168.1.1",
    "dest_port":"22",
    "proto":"tcp",
    "target":"DNAT"

}

POST /cgi-bin/luci/sdewan/firewall/v1/redirects

create a new redirect

Request:

...

Request Parameters: same with PUT's response request

...

Response

Normal response codes: 201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/firewall/v1/redirects/{redirect-name}

update a redirect

Request:

Request Parameters:

NameInTypeDescriptionredirect-namepathstringredirect name{other params}bodysame with GET responseRequest Example

PUT /cgi-bin/luci/sdewan/mwan3/v1/redirects/dnat_lan

{

proto	body	string	Match incoming traffic using the given protocol. Can be one of `tcp`, `udp`, `tcpudp`, `udplite`, `icmp`, `esp`, `ah`, `sctp`, or `all`
dest	body	string	Specifies the traffic destination zone. Must refer to one of the defined zone names.
dest_ip	body	string	For DNAT, redirect matches incoming traffic to the specified internal host. For SNAT, it matches traffic directed at the given address.
dest_port	body	port or range	For DNAT, redirect matched incoming traffic to the given port on the internal host. For SNAT, match traffic directed at the given ports.
mark	body	string	match traffic against the given firewall mark
target	body	string	(Required) NAT target: SNAT, DNAT
family	body	string	Protocol family (`ipv4`, `ipv6` or `any`) to generate iptables rules for

Normal response codes: 204

Error response codes: 400, 401, 404

Response Example

{
    "name":"dnat_lan",
    "src":"wan",
    "src_dport":"19900",
    "dest":"lan",
    "dest_ip":"192.168.1.1",
    "dest_port":"22",
    "proto":"tcp",
    "target":"DNAT"
}

Response

DELETE /cgi-bin/luci/sdewan/firewall/v1/redirects/{redirect-name}

...

Normal response codes: 200
Error response codes: 401, 404

Rule

GET POST /cgi-bin/luci/sdewan/firewall/v1/rules

Lists all defined rules

Request: N/A

Response

...

create a new rule

Request:

Request Parameters: same with PUT's response request
Request Example: same with PUT's response example

Response

Normal response codes: 201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/firewall/v1/rules/{rule-name}

update a rule

Request:

Request Parameters:
rulesbody
Name In Type Description
rule-name path array a list of defined rules
Response Example
{
    "rules": [
       {
          "name":"
string rule name
{other params} body
same with GET response

Request Example

PUT /cgi-bin/luci/sdewan/mwan3/v1/rules/reject_lan_80

"

{

"src":"lan"，

"src_ip": "192.168.1.2",

"src_port": "80",

"proto":"tcp",

"target":"REJECT"

}

]

}

Response

Normal response codes: 204
Error response codes: 400, 401, 404

GET /cgi-bin/luci/sdewan/firewall/v1/rules/{rule-name}Get a rule

Lists all defined rules

Request: N/A

...

Response

Normal response codes: 200
Response Parameters
Name In Type Description
rule-name
rules
path
body
stringrule name

Response

...

Response Parameters

...

{

"name":"reject_lan_80"

"src":"lan"，

"src_ip": "192.168.1.2",

"src_port": "80",

"proto":"tcp",

"target":"REJECT"

}

POST /cgi-bin/luci/sdewan/firewall/v1/rules

create a new rule

Request:

...

Request Parameters: same with PUT's response request

...

Response

Normal response codes: 201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/firewall/v1/rules/{rule-name}

update a rule

Request:

Request Parameters:
NameInTypeDescriptionrule-namepathstringrule name{other params}bodysame with GET responseRequest Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/rules/reject_lan_80
{
array a list of defined rules

Response Example

{
"rules": [

{

"name":"reject_lan_80"

"src":"lan"，

"src_ip": "192.168.1.2",

"src_port": "80",

"proto":"tcp",

"target":"REJECT"

}

]

}

GET /cgi-bin/luci/sdewan/firewall/v1/rules/{rule-name}

Get a rule

Request: N/A

Request Parameters
Name In Type Description
rule-name path string rule name

Response

Normal response codes: 200
Error response code: 404

Response Parameters

Name	In	Type	Description
name	body	string	(Required) rule name
src	body	string	(Required) traffic source zone
src_ip	body	string	Match incoming traffic from the specified source ip address
src_mac	body	string	Match incoming traffic from the specified mac address
src_port	body	port or range	Match incoming traffic from the specified source port or port range
proto	body	string	Match incoming traffic using the given protocol. Can be one of `tcp`, `udp`, `tcpudp`, `udplite`, `icmp`, `esp`, `ah`, `sctp`, or `all`
icmp_type	body	string	For protocol `icmp` select specific icmp types to match.
dest	body	string	traffic destination zone. Must refer to one of the defined zone names, or * for any zone
dest_ip	body	string	Match incoming traffic directed to the specified destination ip address
dest_port	body	port or range	Match incoming traffic directed at the given destination port or port range
mark	body	string	If specified, match traffic against the given firewall mark
target	body	string	(Required) Firewall action (`ACCEPT`, `REJECT`, `DROP`, `MARK`, `NOTRACK`) for matched traffic
set_mark	body	string	Zeroes out the bits given by mask and ORs value into the packet mark.
set_xmark	body	string	Zeroes out the bits given by mask and XORs value into the packet mark
family	body	string	Protocol family (`ipv4`, `ipv6` or `any`) to generate iptables rules for
extra	body	string	Extra arguments to pass to iptables. Useful mainly to specify additional match options, such as `-m policy --dir in` for IPsec.

Normal response codes: 204

Error response codes: 400, 401, 404

Response Example

{
       "name":"reject_lan_80"
       "src":"lan"，
       "src_ip": "192.168.1.2",
       "src_port": "80",
      "proto":"tcp",
       "target":"REJECT"
}

Response

}

DELETE /cgi-bin/luci/sdewan/firewall/v1/rules/{rule-name}

...

Normal response codes: 200
Error response codes: 401, 404

Forwarding

...

POST /cgi-bin/luci/sdewan/firewall/v1/forwardings
create a new forwarding
Request:
Request Parameters: same with PUT's response request
Request Example: same with PUT's response example

Response
Normal response codes: 201
Error response codes: 400, 401

PUT /cgi-bin/luci/sdewan/firewall/v1/forwardingsLists all defined forwardings/{forwarding-name}
update a forwarding
Request: N/A
Response
...
Response Parameters
Request Parameters:
forwardingsbody
Name In Type Description
forwarding-name path array a list of defined forwardings
Response Example
{
"forwardings": [
        {
         "name":"lan_wan",

string forwarding name
{other params} body
same with GET response

Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/forwardings/lan_wan
{
       "src":"lan"，
                 "dest": "wan"
      }
    ]
}

Response
Normal response codes: 204
Error response codes: 400, 401, 404

GET /cgi-bin/luci/sdewan/firewall/v1/forwardings/{forwarding-name}Get a forwarding
Lists all defined forwardings
Request: N/A
Request Parameters
...
Response
...
Response
Normal response codes: 201
Error response codes: 400, 401
...
Normal response codes: 200Error response code: 404
Response Parameters
Name In Type Description
name
forwardings body
string(Required) forwarding namesrcbodystring(Required) traffic source zonedestbodystring(Required) traffic destination zonefamilybodystringProtocol family (`ipv4`, `ipv6` or `any`) to generate iptables rules for.
Response Example
{

array a list of defined forwardings

Response Example

{
"forwardings": [
        {
         "name":"lan_wan",

          "src":"lan"，
          "dest": "wan"
      }
POST /cgi-bin/luci/sdewan/firewall/v1/forwardings
create a new forwarding
Request:
...
Request Parameters: same with PUT's response request
    ]
}

GET /cgi-bin/luci/sdewan/firewall/v1/forwardings/{forwarding-name}
update Get a forwarding
Request: N/A
Request Parameters:
Name In Type Description
forwarding-name path string forwarding name

Response
Normal response codes: 200
Error response code: 404
Response Parameters
Name In Type Description
name body string
forwarding name{other params}bodysame with GET response
Request Example
PUT /cgi-bin/luci/sdewan/mwan3/v1/forwardings/lan_wan
{

(Required) forwarding name
src body string (Required) traffic source zone
dest body string (Required) traffic destination zone
family body string Protocol family (`ipv4`, `ipv6` or `any`) to generate iptables rules for.

Normal response codes: 204
Error response codes: 400, 401, 404
Response Example

{
      "name":"lan_wan",
      "src":"lan"，

      "dest": "wan"
}
Response

DELETE /cgi-bin/luci/sdewan/firewall/v1/forwardings/{forwarding-name}
...

Versions Compared

Old Version 32

New Version 33

Key

MWAN3 Policy

MWAN3 Rule

Zone

Redirect

Rule

Forwarding

string	forwarding name
{other params}	body		same with GET response