Pango Platform
HomeConsole
  • What is Pango Developer Platform
  • Getting started
    • Sign up on the Management Console
    • Create a new project
    • Switch projects
    • Change console settings
    • Edit your profile
    • Try out the demo app
    • Keep exploring
    • Deprecation and Sunset
  • Console details
    • Dashboard
      • General
      • Location loading
    • Users
      • User page
    • Active sessions
    • Network
      • Countries
      • Locations
      • Pools
        • Optimal location
        • Location rules
    • Settings
      • General
        • Project config description (JSON format)
          • Server selector (JSON format)
          • Request selector (JSON format)
      • Authentication methods
        • Auth Plugin requirements
      • VPN
        • General
        • VPN Bypass list
        • Client Networks
      • Member
    • Export Data
    • Log
  • SDK
    • Unified VPN SDK for Android
      • Setup
        • Application Setup
        • Proguard Rules, Notification, and Analytics Configurations
        • Backend URL Configuration
      • Usage
        • Initialization
        • VPN Interface
        • Backend interface
      • Features
        • Hydra Protocol
          • Location profile (Hydra only)
        • Custom sdk dependencies
        • Deferred VPN Service Initialization
        • Authentication
        • Client Network List (CNL)
        • OpenVPN transport
        • Wireguard Transport
        • Reconnection strategy
        • Single Protocol SDK
        • Killswitch
        • Domain route via VPN
        • Process route via VPN
        • Process Bypass
        • Domain Bypass
        • Traffic rules
        • VPN Node DNS Configuration
        • Multihop
          • Optimal Location
      • Exceptions
      • Version migration
      • Changelog
    • Unified VPN SDK for Apple
      • Setup
        • Application Setup
        • Network Extension Setup
          • Network Extension Setup for tvOS
        • Backend URL Configuration
      • Usage
        • Single Protocol SDK
        • Unified SDK
        • Logging
        • Decoding Encoded VPN SDK Logs
      • Features
        • Deferred VPN Service Initialization
        • Authentication
        • Wireguard Transport
        • Reconnection strategy
        • Killswitch
        • Domain Bypass
        • Multihop
          • Optimal Location
        • Client Network List (CNL)
        • Domain route via VPN
      • Changelog
      • API Reference
    • IPSEC VPN SDK for Apple
    • Unified VPN SDK for Windows
      • Setup
        • Backend URL Configuration
        • Service command line arguments
        • ARM Platform Support
      • Usage
        • CoreAPI
        • Events
        • Generating a Unique Device Identifier
        • Error processing
        • Pipe Messaging
      • Features
        • Traffic protection
          • Killswitch
          • Prevent IP Leaks
          • Block Local Networks
        • Other
          • Firewall
            • DNS Monitor
            • Process Bypass
            • Domain Bypass
            • Process route via VPN
            • Domain route via VPN
          • Throttling
          • Optimal Location
          • Common issues
        • Hydra Protocol
          • CustomDNS, UserDNS, MultiHop, VpnProfiles
        • OpenVPN Protocol
        • Wireguard Protocol
        • IPSec Protocol
      • Collecting Debug Logs
      • Changelog
    • Unified VPN SDK for Routers
      • SDK. Shared library.
      • Configuration Interface (CI)
        • Unix Domain Sockets CI
        • REST API CI
    • Unified VPN SDK Feature Comparison By Platform
    • Unified VPN SDK
      • Features
        • Personal Bridge
    • Tunnel Vision and Tunnel Crack Prevention
  • REST API
    • Partner API
  • Sample applications
    • Unified VPN SDK demo for Windows
    • Hydra VPN SDK demo for iOS
    • IPSEC VPN SDK demo for iOS
    • Unified VPN SDK demo for Android
    • Hydra VPN SDK demo for OpenWRT
    • OpenVPN configuration file
  • Resources
    • Use cases
      • Public VPN
      • Business VPN
        • Creating a Business VPN Project
        • Wi-Fi Security for Business
      • Application anti-blocking
    • How-to
      • Create a Firebase project for User Authentication
      • AWS CloudFront Distribution of the Platform URL
      • How can I get Shared Secret key from iTunes Connect for In-App Purchase
  • FAQ
    • General
      • VPN Platform Flow
      • What data is collected by the Platform?
      • What analytic data is collected by your SDK?
      • How the Platform restricts access to our data?
      • Why DNS Leak tests often indicate positive result?
      • Do we need to perform endpoint health checks?
      • How is the VPN exit node found?
      • How are streams re-marked if VPN is enabled/disabled on an active flow?
      • Is there a maximum number of supported devices?
      • Are both IPv4 and IPv6 supported?
      • What is the MTU of the tunnel?
      • Are any redundancy measures in terms of reliability provided?
      • Is there any load balancing?
      • Do you block broadcast and multicast to/from the VPN?
    • List of Open Source libs
Powered by GitBook
On this page
  • Configuration
  • Running
  • Requests
  • Ping
  • Protect IP
  • Unprotect IP
  • Protect MAC
  • Unprotect MAC
  • Protect interface
  • Unprotect interface
  • Dump config file
  • Get available countries
  • Responses
  • Get available countries
  • Async events
  • Dynamic interfaces configuration

Was this helpful?

  1. SDK
  2. Unified VPN SDK for Routers

Configuration Interface (CI)

PreviousSDK. Shared library.NextUnix Domain Sockets CI

Last updated 1 year ago

Was this helpful?

SDK Configuration Interface (CI) is a VPN client which uses a VPN SDK shared library.

It supports static file configuration and dynamic configuration using or .

Configuration

Major options of the configuration:

Parameter
Data type
Description

auth_method

char

Any supported OAuth provider (i.e. Firebase) or anonymous

auth_token

char

OAuth token (if a relevant OAuth provider is set for the auth method)

device_id

char

Desirable device identifier. The default value "default_device_id" will be used if this parameter is empty

device_type

char

Any value (i.e. Android / macOS / Windows / iOS). The default value "wrt" will be used if this parameter is empty

project_id

char

Public key of the project, which is sometimes referred to as project name or carrier ID. The default value "af_router_sdk_test" will be used if this parameter is empty

rcvbuf

int

Socket receive buffer limit specified in bytes (values below 1 will be ignored and no limit will be applied)

sndbuf

int

Socket send buffer limit specified in bytes (values below 1 will be ignored and no limit will be applied)

no_iptables

int

Routes internal configuration switcher. 1 (routes are configurated with internal SDK mechanism) and 0 (routes are configurated externally) are accetable values, with latter being default

no_socket_setup

int

Virtual interface configuration switcher. 1 (ignore tun_addr value) and 0 (use tun_addr value)are acceptable values, with latter being default

Running

afwrt-ci <config_path>

"config_path" - path to static file configuration which format was described . Can be empty.

Default: "/etc/afwrt/afwrt-ci.conf"

Requests

The request is a JSON string with the"request" field and request-specific fields. "request" is one of the following values.

Ping

Just check configuration interface is alive, don't change anything.

Value: "ping"

Params: None

Protect IP

Add route for the following IP.

Value: "protect_ip"

Params:

  • "ip_addr" - IP address to protect

  • "vl" - desired VPN location traffic from "ip_addr" go to

Unprotect IP

Remove route for the following IP.

Value: "unprotect_ip"

Params:

  • "ip_addr" - IP address to unprotect

Protect MAC

Add route for the following MAC.

Value: "protect_mac"

Params:

  • "mac_addr" - MAC address to protect

  • "vl" - desired VPN country traffic from "mac_addr" go to

Unprotect MAC

Remove route for the following MAC.

Value: "unprotect_mac"

Params:

  • "mac_addr" - MAC address to unprotect

Protect interface

Add route for the following interface.

Value: "protect_iface"

Params:

  • "iface" - interface to protect

  • "vl" - desired VPN country traffic from "iface" go to

Unprotect interface

Remove route for the following interface.

Value: "unprotect_iface"

Params:

  • "iface" - interface to unprotect

Dump config file

Dump config to the filesystem.

Value: "dump_config"

Params:

  • "config_path" - path to file where config should be dumped. If empty or not specified, dump to a file which used to run afwrt-ci.

Get available countries

Get the list of available VPN countries.

Value: "get_countries"

Params: None

Responses

The response is a JSON string with "status" field and set of optional fields, such as "message" and response-specific fields.

"status" is one of the following codes:

  • -1 - internal error. Allocation errors, internal exceptions.

  • 0 - success.

  • 1 - configuration error. Error changing internal configuration structures.

  • 2 - bad request. The request is not recognized.

  • 3 - bad format. Required request parameters are missing.

  • 4 - VPN error. Error sending a request to VPN core.

"message" filed contains specific information about errors if any.

Get available countries

Response fields:

  • "countries" - JSON array of country codes available.

Response example: { "status" : 0, "countries" : ["de","no","us"] }

Async events

Dynamic interfaces configuration

If chosen dynamic interface supports sending of async events, you will get them as-is from the SDK library. All async events are listed .

Please, follow the configuration section of or . Only one dynamic interface can run at one time or both can be disabled. Unix Domain Sockets interface has a higher priority.

REST API
Unix Domain Sockets
here
here
Unix Domain Sockets
REST API