Configuration Interface (CI)
SDK Configuration Interface (CI) is a VPN client which uses a VPN SDK shared library.
It supports static file configuration and dynamic configuration using REST API or Unix Domain Sockets.
Configuration
Major options of the configuration:
auth_method
char
Any supported OAuth provider (i.e. Firebase) or anonymous
auth_token
char
OAuth token (if a relevant OAuth provider is set for the auth method)
device_id
char
Desirable device identifier. The default value "default_device_id" will be used if this parameter is empty
device_type
char
Any value (i.e. Android / macOS / Windows / iOS). The default value "wrt" will be used if this parameter is empty
project_id
char
Public key of the project, which is sometimes referred to as project name or carrier ID. The default value "af_router_sdk_test" will be used if this parameter is empty
rcvbuf
int
Socket receive buffer limit specified in bytes (values below 1 will be ignored and no limit will be applied)
sndbuf
int
Socket send buffer limit specified in bytes (values below 1 will be ignored and no limit will be applied)
no_iptables
int
Routes internal configuration switcher. 1 (routes are configurated with internal SDK mechanism) and 0 (routes are configurated externally) are accetable values, with latter being default
no_socket_setup
int
Virtual interface configuration switcher. 1 (ignore tun_addr value) and 0 (use tun_addr value)are acceptable values, with latter being default
Running
"config_path" - path to static file configuration which format was described here. Can be empty.
Default: "/etc/afwrt/afwrt-ci.conf"
Requests
The request is a JSON string with the"request" field and request-specific fields. "request" is one of the following values.
Ping
Just check configuration interface is alive, don't change anything.
Value: "ping"
Params: None
Protect IP
Add route for the following IP.
Value: "protect_ip"
Params:
"ip_addr"- IP address to protect"vl"- desired VPN location traffic from"ip_addr"go to
Unprotect IP
Remove route for the following IP.
Value: "unprotect_ip"
Params:
"ip_addr"- IP address to unprotect
Protect MAC
Add route for the following MAC.
Value: "protect_mac"
Params:
"
mac_addr"- MAC address to protect"vl"- desired VPN country traffic from "mac_addr" go to
Unprotect MAC
Remove route for the following MAC.
Value: "unprotect_mac"
Params:
"mac_addr"- MAC address to unprotect
Protect interface
Add route for the following interface.
Value: "protect_iface"
Params:
"iface"- interface to protect"vl"- desired VPN country traffic from "iface" go to
Unprotect interface
Remove route for the following interface.
Value: "unprotect_iface"
Params:
"iface"- interface to unprotect
Dump config file
Dump config to the filesystem.
Value: "dump_config"
Params:
"config_path"- path to file where config should be dumped. If empty or not specified, dump to a file which used to run afwrt-ci.
Get available countries
Get the list of available VPN countries.
Value: "get_countries"
Params: None
Responses
The response is a JSON string with "status" field and set of optional fields, such as "message" and response-specific fields.
"status" is one of the following codes:
-1- internal error. Allocation errors, internal exceptions.0- success.1- configuration error. Error changing internal configuration structures.2- bad request. The request is not recognized.3- bad format. Required request parameters are missing.4- VPN error. Error sending a request to VPN core.
"message" filed contains specific information about errors if any.
Get available countries
Response fields:
"countries"- JSON array of country codes available.
Response example: { "status" : 0, "countries" : ["de","no","us"] }
Async events
If chosen dynamic interface supports sending of async events, you will get them as-is from the SDK library. All async events are listed here.
Dynamic interfaces configuration
Please, follow the configuration section of Unix Domain Sockets or REST API. Only one dynamic interface can run at one time or both can be disabled. Unix Domain Sockets interface has a higher priority.
Last updated