Configuration Interface (CI)

SDK Configuration Interface (CI) is a VPN client which uses a VPN SDK shared library.

It supports static file configuration and dynamic configuration using REST API or Unix Domain Sockets.

Configuration

Major options of the configuration:

Parameter	Data type	Description
auth_method	char	Any supported OAuth provider (i.e. Firebase) or anonymous
auth_token	char	OAuth token (if a relevant OAuth provider is set for the auth method)
device_id	char	Desirable device identifier. The default value "default_device_id" will be used if this parameter is empty
device_type	char	Any value (i.e. Android / macOS / Windows / iOS). The default value "wrt" will be used if this parameter is empty
project_id	char	Public key of the project, which is sometimes referred to as project name or carrier ID. The default value "af_router_sdk_test" will be used if this parameter is empty
rcvbuf	int	Socket receive buffer limit specified in bytes (values below 1 will be ignored and no limit will be applied)
sndbuf	int	Socket send buffer limit specified in bytes (values below 1 will be ignored and no limit will be applied)
no_iptables	int	Routes internal configuration switcher. 1 (routes are configurated with internal SDK mechanism) and 0 (routes are configurated externally) are accetable values, with latter being default
no_socket_setup	int	Virtual interface configuration switcher. 1 (ignore tun_addr value) and 0 (use tun_addr value)are acceptable values, with latter being default

Parameter

Data type

Description

auth_method

char

Any supported OAuth provider (i.e. Firebase) or anonymous

auth_token

char

OAuth token (if a relevant OAuth provider is set for the auth method)

device_id

char

Desirable device identifier. The default value "default_device_id" will be used if this parameter is empty

device_type

char

Any value (i.e. Android / macOS / Windows / iOS). The default value "wrt" will be used if this parameter is empty

project_id

char

Public key of the project, which is sometimes referred to as project name or carrier ID. The default value "af_router_sdk_test" will be used if this parameter is empty

rcvbuf

int

Socket receive buffer limit specified in bytes (values below 1 will be ignored and no limit will be applied)

sndbuf

int

Socket send buffer limit specified in bytes (values below 1 will be ignored and no limit will be applied)

no_iptables

int

Routes internal configuration switcher. 1 (routes are configurated with internal SDK mechanism) and 0 (routes are configurated externally) are accetable values, with latter being default

no_socket_setup

int

Virtual interface configuration switcher. 1 (ignore tun_addr value) and 0 (use tun_addr value)are acceptable values, with latter being default

Running

afwrt-ci <config_path>

"config_path" - path to static file configuration which format was described here. Can be empty.

Default: "/etc/afwrt/afwrt-ci.conf"

Requests

The request is a JSON string with the"request" field and request-specific fields. "request" is one of the following values.

Ping

Just check configuration interface is alive, don't change anything.

Value: "ping"

Params: None

Protect IP

Add route for the following IP.

Value: "protect_ip"

Params:

"ip_addr" - IP address to protect
"vl" - desired VPN location traffic from "ip_addr" go to

Unprotect IP

Remove route for the following IP.

Value: "unprotect_ip"

Params:

"ip_addr" - IP address to unprotect

Protect MAC

Add route for the following MAC.

Value: "protect_mac"

Params:

"mac_addr" - MAC address to protect
"vl" - desired VPN country traffic from "mac_addr" go to

Unprotect MAC

Remove route for the following MAC.

Value: "unprotect_mac"

Params:

"mac_addr" - MAC address to unprotect

Protect interface

Add route for the following interface.

Value: "protect_iface"

Params:

"iface" - interface to protect
"vl" - desired VPN country traffic from "iface" go to

Unprotect interface

Remove route for the following interface.

Value: "unprotect_iface"

Params:

"iface" - interface to unprotect

Dump config file

Dump config to the filesystem.

Value: "dump_config"

Params:

"config_path" - path to file where config should be dumped. If empty or not specified, dump to a file which used to run afwrt-ci.

Get available countries

Get the list of available VPN countries.

Value: "get_countries"

Params: None

Responses

The response is a JSON string with "status" field and set of optional fields, such as "message" and response-specific fields.

"status" is one of the following codes:

-1 - internal error. Allocation errors, internal exceptions.
0 - success.
1 - configuration error. Error changing internal configuration structures.
2 - bad request. The request is not recognized.
3 - bad format. Required request parameters are missing.
4 - VPN error. Error sending a request to VPN core.

"message" filed contains specific information about errors if any.

Get available countries

Response fields:

"countries" - JSON array of country codes available.

Response example: { "status" : 0, "countries" : ["de","no","us"] }

Async events

If chosen dynamic interface supports sending of async events, you will get them as-is from the SDK library. All async events are listed here.

Dynamic interfaces configuration

Please, follow the configuration section of Unix Domain Sockets or REST API. Only one dynamic interface can run at one time or both can be disabled. Unix Domain Sockets interface has a higher priority.

PreviousSDK. Shared library.NextUnix Domain Sockets CI

Last updated 2 years ago