Download OpenAPI specification:
来源于 ikuai-doc/openapi_specs/vpn/。
为避免 Redoc 单页一次性加载全部 API 导致浏览器 heap 过高,部署版按分类拆分。
获取当前IKEv2/IPSec服务器的配置信息。 包括服务状态、认证方式、网络配置、证书等。
{- "message": "Success",
- "results": {
- "data": [
- {
- "id": 1,
- "enabled": "no",
- "name": "",
- "authby": "mschapv2",
- "addrpool": "10.6.1.0/24",
- "keyexchange": "ikev2",
- "aggressive": "yes",
- "secret": "verystrong",
- "leftid": "",
- "rightid": "",
- "dns1": "114.114.114.114",
- "dns2": "119.29.29.29",
- "share_deny": 0,
- "mtu": 1400,
- "privatekey": "-----BEGIN#RSA#PRIVATE#KEY-----@MIIEowIBAAKCAQEAsikev2PrivateKeyDemoData11111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@3333333333333333333333333333333333333333333333333333333333333333@AoIBAFikev2PrivateKeyDemoPayload4444444444444444444444444444444444@5555555555555555555555555555555555555555555555555555555555555555@6666666666666666666666666666666666666666666666666666666666666666@-----END#RSA#PRIVATE#KEY-----@",
- "leftcert": "-----BEGIN#CERTIFICATE-----@MIIDWjCCAkKgAwIBAgIJAOikev2LeftCertDemoMA0GCSqGSIb3DQEBCwUAMDcxCzAJ@BgNVBAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgSUtFdjIg@Q0EwHhcNMjYwMjA2MTAzMTEwWhcNMzYwMjA0MTAzMTEwWjA4MQswCQYDVQQGEwJD@TjEOMAwGA1UECgwFaUt1YWkxGTAXBgNVBAMMEHZwbi5leGFtcGxlLmNvbTCCASIw@DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKikev2LeftCertDemoData11111@2222222222222222222222222222222222222222222222222222222222222222@3333333333333333333333333333333333333333333333333333333333333333@AgMBAAGjUDBOMB0GA1UdDgQWBBRikev2LeftCertDemo111111111111111111111@MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAaaaabbbbccccdddd@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@-----END#CERTIFICATE-----@"
}
]
}
}更新IKEv2/IPSec服务器的配置信息。 支持更新认证方式、网络配置、证书、安全设置等。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
IKEv2/IPSec服务器配置数据
| id required | integer <int64> >= 1 配置ID,必须传入 |
| enabled required | string Enum: "yes" "no" 服务开启状态 |
| authby required | string Default: "mschapv2" Enum: "secret" "mschapv2" 认证方式:secret-预共享密钥,mschapv2-EAP-MSCHAPv2 |
| addrpool required | string Default: "10.6.1.0/24" 客户端地址池,CIDR网络地址格式(如 10.6.1.0/24),必须为网络地址而非主机地址 |
| secret required | string <= 64 characters 预共享密钥(authby=secret时必填,1-64个字符,) |
| leftid required | string [ 1 .. 64 ] characters 本地标识,authby=mschapv2 时必填,长度为 1-64 个字符。 对于非 iKuai 路由客户端对接场景,必须使用以域名签发的服务器证书,并将本地标识配置为与该证书主题名称(CN)或主体备用名称(SAN)一致的完整域名(FQDN)。 若本地标识与证书对应域名不一致,可能导致客户端身份校验失败或连接建立失败。 |
| rightid required | string <= 100 characters 对端标识(1-100个字符,) |
| dns1 required | string Default: "114.114.114.114" DNS服务器1,必须为合法IP |
| dns2 required | string Default: "119.29.29.29" DNS服务器2,必须为合法IP |
| share_deny required | integer Default: 0 Enum: 0 1 共享数超出处理动作 |
| mtu required | integer [ 1000 .. 1492 ] Default: 1400 MTU值 |
| privatekey required | string 私钥,authby=mschapv2 时必填,使用转义后的单行 PEM 字符串传递:
|
| leftcert required | string 本地证书,authby=mschapv2 时必填,使用转义后的单行 PEM 字符串传递:
|
{- "enabled": "yes",
- "authby": "mschapv2",
- "addrpool": "10.6.1.0/24",
- "secret": "verystrong",
- "leftid": "vpn.example.com",
- "rightid": "",
- "dns1": "114.114.114.114",
- "dns2": "119.29.29.29",
- "share_deny": 0,
- "mtu": 1400,
- "privatekey": "-----BEGIN#RSA#PRIVATE#KEY-----@MIIEowIBAAKCAQEAsikev2PrivateKeyDemoData11111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@3333333333333333333333333333333333333333333333333333333333333333@AoIBAFikev2PrivateKeyDemoPayload4444444444444444444444444444444444@5555555555555555555555555555555555555555555555555555555555555555@6666666666666666666666666666666666666666666666666666666666666666@-----END#RSA#PRIVATE#KEY-----@",
- "leftcert": "-----BEGIN#CERTIFICATE-----@MIIDWjCCAkKgAwIBAgIJAOikev2LeftCertDemoMA0GCSqGSIb3DQEBCwUAMDcxCzAJ@BgNVBAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgSUtFdjIg@Q0EwHhcNMjYwMjA2MTAzMTEwWhcNMzYwMjA0MTAzMTEwWjA4MQswCQYDVQQGEwJD@TjEOMAwGA1UECgwFaUt1YWkxGTAXBgNVBAMMEHZwbi5leGFtcGxlLmNvbTCCASIw@DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKikev2LeftCertDemoData11111@2222222222222222222222222222222222222222222222222222222222222222@3333333333333333333333333333333333333333333333333333333333333333@AgMBAAGjUDBOMB0GA1UdDgQWBBRikev2LeftCertDemo111111111111111111111@MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAaaaabbbbccccdddd@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@-----END#CERTIFICATE-----@"
}{- "code": 0,
- "message": "Success"
}{- "message": "Success",
- "results": {
- "data": [
- {
- "enabled": "no",
- "server_ip": "10.1.0.1",
- "server_port": 1701,
- "addr_pool": "10.1.0.2-10.1.0.254",
- "dns1": "114.114.114.114",
- "force_ipsec": 0,
- "dns2": "119.29.29.29",
- "rightid": "",
- "mtu": 1400,
- "mru": 1400,
- "ipsec_secret": "",
- "leftid": "",
- "id": 1
}
]
}
}更新L2TP服务器的配置信息。 支持更新网络配置、IPSec设置、安全参数等。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
L2TP服务器配置数据
| enabled required | string Enum: "yes" "no" 服务开启状态 |
| server_ip required | string Default: "10.1.0.1" 服务器地址,必须为合法IP |
| server_port required | integer [ 1 .. 65535 ] Default: 1701 服务器端口,不传时默认1701 |
| addr_pool required | string Default: "10.1.0.2-10.1.0.254" 客户端地址池 |
| dns1 required | string Default: "114.114.114.114" DNS服务器1,必须为合法IP |
| dns2 required | string Default: "119.29.29.29" DNS服务器2,必须为合法IP |
| mtu required | integer [ 1000 .. 1492 ] Default: 1400 MTU值 |
| mru required | integer [ 1000 .. 1492 ] Default: 1400 MRU值 |
| ipsec_secret | string <= 64 characters IPSec预共享密钥 |
| leftid | string <= 100 characters IPSec本地标识(允许为空,最多100个字符) |
| rightid | string <= 100 characters IPSec对端标识(允许为空,最多100个字符) |
| force_ipsec required | integer Default: 0 Enum: 0 1 禁止非加密的连接,0为允许,1为禁止 |
{- "enabled": "yes",
- "server_ip": "10.1.0.1",
- "server_port": 1701,
- "addr_pool": "10.1.0.2-10.1.0.254",
- "dns1": "114.114.114.114",
- "dns2": "119.29.29.29",
- "mtu": 1400,
- "mru": 1400,
- "ipsec_secret": "mysecret",
- "leftid": "vpn.example.com",
- "rightid": "",
- "force_ipsec": 1
}{- "code": 0,
- "message": "Success"
}{- "message": "Success",
- "results": {
- "total": 1,
- "data": [
- {
- "enabled": "no",
- "proto": "udp",
- "port": "1194",
- "subnet": "10.7.7.0",
- "mask": "255.255.255.0",
- "tun_mtu": "1400",
- "cipher": "BF-CBC",
- "auth": "",
- "comp_lzo": "1",
- "dev_type": "tun",
- "topology": "subnet",
- "method": 0,
- "tls_auth": "-----BEGIN#OpenVPN#Static#key#V1-----@2048#bit#OpenVPN#static#key@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@-----END#OpenVPN#Static#key#V1-----@",
- "ca": "-----BEGIN#CERTIFICATE-----@MIIDQTCCAimgAwIBAgIJAMqVcmi6/37xMA0GCSqGSIb3DQEBCwUAMDcxCzAJBgNV@BAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgRGV2aWNlIENB@MB4XDTI2MDIwNjEwMzExMFoXDTM2MDIwNDEwMzExMFowNzELMAkGA1UEBhMCQ04x@DjAMBgNVBAoMBWlLdWFpMRgwFgYDVQQDDA9pS3VhaSBEZXZpY2UgQ0EwggEiMA0G@CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeCJGD4jX3PY5IdOYRv0gxfYPYikOc@hQkF5XAWQZgFxnuelDEkzl7RCOFVqsnwY/npOzI7VSsyLACPNkOdvyEvO+QGfRli@3zx0EfwRHGhLQbt/TDT0D9IZCab2oswdYjORtXcIe5dT3j2i8M2vv6wnJ7ip8GKu@ahfgJzakBZIRcQyEopTCmNbC5VAdCb/gQ0ezPnogPG6pbxxgE8OJIGH0+IgMFFTv@0wKVOCyHJgZNAZNnzP3yi5SCJvBnfU4wadXDAztGtq5El5l2lBP7s3KH65u0M/46@wo5NHyxZhn+M8S86EE4RkAeHI+1FqJASjW9ivNTRphFZMyW/Q4qbdEtrAgMBAAGj@UDBOMB0GA1UdDgQWBBRYp/q+2podeA2lc3khLBN+RGf+5TAfBgNVHSMEGDAWgBRY@p/q+2podeA2lc3khLBN+RGf+5TAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA@A4IBAQCHj5mxVYnaQcvMpjpWdXBS6XVpdiRpuqzRoqOYEnhzXOwwqnJ/EkJwa0RH@wFZUZrQC9bbxnIz+9kmlQKoTwtzzd9GVZeb3JeU9fcd/1BJdRLRiqqXw1EW0+QOV@7NCP1NqVMUsornypW1Y0JPcNfcvx/+oQXIIsS3EjOn+ye3ZASSRNi6+4zXNX2l53@8revjpAVnww0FS/zDeFGD9c9n6aYxvLxqXaBgNO3eOb2EAQAuNwncOvXZ9hBY8rz@A9jTuDVM1inhzROPguwt+j2moZedLm8DRgQxHjIkVvIOsq/50ApOVlGBCHjGJsay@tj3+p42yHrbmuCKvE6cCc0m2fhpw@-----END#CERTIFICATE-----@",
- "cert": "-----BEGIN#CERTIFICATE-----@MIIDWjCCAkKgAwIBAgIJAOserverCertDemoMA0GCSqGSIb3DQEBCwUAMDcxCzAJ@BgNVBAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgU2VydmVy@Q0EwHhcNMjYwMjA2MTAzMTEwWhcNMzYwMjA0MTAzMTEwWjA6MQswCQYDVQQGEwJD@TjEOMAwGA1UECgwFaUt1YWkxGzAZBgNVBAMMEm9wZW52cG4tc2VydmVyLWNlcnQw@ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCserverCertDemoData@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@AgMBAAGjUDBOMB0GA1UdDgQWBBSserverCertDemo1111111111111111111111@MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAaabbbbccccdddd@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@-----END#CERTIFICATE-----@",
- "key": "-----BEGIN#RSA#PRIVATE#KEY-----@MIIEowIBAAKCAQEAsserverPrivateKeyDemoData1111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@3333333333333333333333333333333333333333333333333333333333333333@AoIBAFserverPrivateKeyDemoPayload444444444444444444444444444444444@5555555555555555555555555555555555555555555555555555555555555555@6666666666666666666666666666666666666666666666666666666666666666@-----END#RSA#PRIVATE#KEY-----@",
- "push_gateway": "0",
- "push_route": "10.7.0.0/16",
- "push_route_comment": "",
- "push_dns": "",
- "extra_config": "",
- "status": 0
}
]
}
}更新OpenVPN服务器的配置信息。
支持更新协议设置、加密配置、证书、网络配置等。
tls_auth 仅 method=1 或 2 时必填;auth、push_gateway、push_dns 若 GET 回显存在则原样透传,否则可不传。
OpenVPN服务器配置数据
| enabled required | string Enum: "yes" "no" 服务开启状态 |
| proto required | string Enum: "udp" "tcp" 协议类型 |
| port required | string Default: "1194" 服务端口,1-65535 |
| subnet required | string VPN网段,必须为合法IP |
| mask required | string 网段掩码,必须为合法IP |
| tun_mtu required | string Default: "1400" 隧道MTU,576-1500 |
| cipher required | string <= 64 characters Default: "BF-CBC" 加密算法(最多64个字符) |
| comp_lzo required | string Default: "1" Enum: "0" "1" LZO压缩 |
| dev_type required | string Default: "tun" Enum: "tun" "tap" 设备类型 |
| topology required | string Default: "subnet" Enum: "net30" "subnet" 网络拓扑 |
| method required | integer Default: 0 Enum: 0 1 2 认证方法:0-账号认证,1-tls-auth,2-tls-crypt |
| tls_auth | string TLS 认证密钥,method=1 或 method=2 时必填,使用转义后的单行 OpenVPN Static key 字符串传递:
|
| ca required | string CA证书,使用转义后的单行 PEM 字符串传递:
|
| cert required | string 服务器证书,使用转义后的单行 PEM 字符串传递:
|
| key required | string 服务器私钥,使用转义后的单行 PEM 字符串传递:
|
| push_gateway | string Default: "0" 推送网关 |
| push_route | string 推送路由 |
| push_route_comment | string <= 64 characters 路由备注(最多64个字符) |
| push_dns | string 推送DNS |
| extra_config | string 额外配置 |
{- "enabled": "yes",
- "proto": "udp",
- "port": "1194",
- "subnet": "10.7.7.0",
- "mask": "255.255.255.0",
- "tun_mtu": "1400",
- "cipher": "BF-CBC",
- "comp_lzo": "1",
- "dev_type": "tun",
- "topology": "subnet",
- "method": 0,
- "tls_auth": "-----BEGIN#OpenVPN#Static#key#V1-----@2048#bit#OpenVPN#static#key@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@11111111111111111111111111111111@-----END#OpenVPN#Static#key#V1-----@",
- "ca": "-----BEGIN#CERTIFICATE-----@MIIDQTCCAimgAwIBAgIJAMqVcmi6/37xMA0GCSqGSIb3DQEBCwUAMDcxCzAJBgNV@BAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgRGV2aWNlIENB@MB4XDTI2MDIwNjEwMzExMFoXDTM2MDIwNDEwMzExMFowNzELMAkGA1UEBhMCQ04x@DjAMBgNVBAoMBWlLdWFpMRgwFgYDVQQDDA9pS3VhaSBEZXZpY2UgQ0EwggEiMA0G@CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeCJGD4jX3PY5IdOYRv0gxfYPYikOc@hQkF5XAWQZgFxnuelDEkzl7RCOFVqsnwY/npOzI7VSsyLACPNkOdvyEvO+QGfRli@3zx0EfwRHGhLQbt/TDT0D9IZCab2oswdYjORtXcIe5dT3j2i8M2vv6wnJ7ip8GKu@ahfgJzakBZIRcQyEopTCmNbC5VAdCb/gQ0ezPnogPG6pbxxgE8OJIGH0+IgMFFTv@0wKVOCyHJgZNAZNnzP3yi5SCJvBnfU4wadXDAztGtq5El5l2lBP7s3KH65u0M/46@wo5NHyxZhn+M8S86EE4RkAeHI+1FqJASjW9ivNTRphFZMyW/Q4qbdEtrAgMBAAGj@UDBOMB0GA1UdDgQWBBRYp/q+2podeA2lc3khLBN+RGf+5TAfBgNVHSMEGDAWgBRY@p/q+2podeA2lc3khLBN+RGf+5TAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA@A4IBAQCHj5mxVYnaQcvMpjpWdXBS6XVpdiRpuqzRoqOYEnhzXOwwqnJ/EkJwa0RH@wFZUZrQC9bbxnIz+9kmlQKoTwtzzd9GVZeb3JeU9fcd/1BJdRLRiqqXw1EW0+QOV@7NCP1NqVMUsornypW1Y0JPcNfcvx/+oQXIIsS3EjOn+ye3ZASSRNi6+4zXNX2l53@8revjpAVnww0FS/zDeFGD9c9n6aYxvLxqXaBgNO3eOb2EAQAuNwncOvXZ9hBY8rz@A9jTuDVM1inhzROPguwt+j2moZedLm8DRgQxHjIkVvIOsq/50ApOVlGBCHjGJsay@tj3+p42yHrbmuCKvE6cCc0m2fhpw@-----END#CERTIFICATE-----@",
- "cert": "-----BEGIN#CERTIFICATE-----@MIIDWjCCAkKgAwIBAgIJAOserverCertDemoMA0GCSqGSIb3DQEBCwUAMDcxCzAJ@BgNVBAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgU2VydmVy@Q0EwHhcNMjYwMjA2MTAzMTEwWhcNMzYwMjA0MTAzMTEwWjA6MQswCQYDVQQGEwJD@TjEOMAwGA1UECgwFaUt1YWkxGzAZBgNVBAMMEm9wZW52cG4tc2VydmVyLWNlcnQw@ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCserverCertDemoData@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@AgMBAAGjUDBOMB0GA1UdDgQWBBSserverCertDemo1111111111111111111111@MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAaabbbbccccdddd@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@-----END#CERTIFICATE-----@",
- "key": "-----BEGIN#RSA#PRIVATE#KEY-----@MIIEowIBAAKCAQEAsserverPrivateKeyDemoData1111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@3333333333333333333333333333333333333333333333333333333333333333@AoIBAFserverPrivateKeyDemoPayload444444444444444444444444444444444@5555555555555555555555555555555555555555555555555555555555555555@6666666666666666666666666666666666666666666666666666666666666666@-----END#RSA#PRIVATE#KEY-----@",
- "push_gateway": "0",
- "push_route": "10.7.0.0/16",
- "push_dns": "8.8.8.8",
- "extra_config": ""
}{- "code": 0,
- "message": "Success"
}{- "message": "Success",
- "results": {
- "data": [
- {
- "id": 1,
- "enabled": "no",
- "dns1": "114.114.114.114",
- "dns2": "119.29.29.29",
- "addr_pool": "10.0.0.2-10.0.0.254",
- "open_mppe": 2,
- "server_ip": "10.0.0.1",
- "server_port": 1723,
- "mtu": 1400,
- "mru": 1400
}
]
}
}更新PPTP服务器的配置信息。 支持更新网络配置、DNS设置、加密协议、传输参数等。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
PPTP服务器配置数据
| enabled required | string Enum: "yes" "no" 服务开启状态 |
| dns1 required | string Default: "114.114.114.114" DNS服务器1,必须为合法IP |
| dns2 required | string Default: "119.29.29.29" DNS服务器2,必须为合法IP |
| addr_pool required | string Default: "10.0.0.2-10.0.0.254" 客户端地址池 |
| open_mppe required | integer Default: 2 Enum: 0 1 2 MPPE加密协议,0-关闭,1-强制开启,2-自动协商 |
| server_ip required | string Default: "10.0.0.1" 服务器地址,必须为合法IP |
| server_port required | integer [ 1 .. 65535 ] Default: 1723 服务器端口,不传时默认1723 |
| mtu required | integer [ 1000 .. 1492 ] Default: 1400 MTU值 |
| mru required | integer [ 1000 .. 1492 ] Default: 1400 MRU值 |
{- "enabled": "yes",
- "dns1": "114.114.114.114",
- "dns2": "119.29.29.29",
- "addr_pool": "10.0.0.2-10.0.0.254",
- "open_mppe": 2,
- "server_ip": "10.0.0.1",
- "server_port": 1723,
- "mtu": 1400,
- "mru": 1400
}{- "code": 0,
- "message": "Success"
}获取所有IKEv2客户端配置列表。 支持分页、排序、模糊匹配和过滤功能。
| page | integer >= 1 Default: 1 Example: page=1 页码(从1开始) |
| limit | integer >= 1 Default: 20 Example: limit=20 每页记录数 |
| order | string Default: "asc" Enum: "asc" "desc" Example: order=asc 排序方向,asc为升序(默认),desc为降序 |
| order_by | string Default: "id" Example: order_by=id 排序字段,支持id、name、remote_addr、interface等字段 |
| key | string Enum: "name" "comment" "remote_addr" "interface" "leftid" "rightid" "username" Example: key=name 模糊匹配字段名称,支持name、comment、remote_addr、interface等字段 |
| pattern | string Example: pattern=test 模糊匹配内容 |
| filter | string Example: filter=enabled==yes 过滤条件,支持精确匹配和多条件组合。 支持的操作符:==、!=、>、>=、<、<= 多条件连接语法:
使用示例:
|
{- "message": "Success",
- "results": {
- "total": 25,
- "data": [
- {
- "id": 1,
- "enabled": "yes",
- "name": "ikev2_client",
- "comment": "主办公室VPN连接",
- "remote_addr": "vpn.example.com",
- "interface": "wan1",
- "mtu": 1400,
- "authby": "mschapv2",
- "aggressive": "yes",
- "secret": "verystrongkey",
- "leftid": "localikev2",
- "rightid": "remoteikev2",
- "username": "vpnuser",
- "passwd": "vpnpassword",
- "check_link_mode": 2,
- "check_link_host": "www.baidu.com",
- "ip_addr": ""
}
]
}
}添加新的IKEv2 VPN客户端配置。 支持MSCHAPv2和Secret认证方式。
IKEv2客户端配置数据
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| name required | string [ 1 .. 15 ] characters ^[a-zA-Z0-9_-]+$ 客户端名称 |
| comment | string [ 0 .. 64 ] characters ^[\u4e00-\u9fa5a-zA-Z0-9][\u4e00-\u9fa5a-zA-Z... 备注信息,最多64个字符,不支持特殊字符 |
| remote_addr required | string <hostname> 远端服务器地址 |
| interface required | string [ 1 .. 20 ] characters ^[a-zA-Z0-9_-]+$ 绑定的网络接口 |
| mtu | integer [ 576 .. 1500 ] Default: 1400 MTU值 |
| authby required | string Default: "mschapv2" Enum: "secret" "mschapv2" 认证方式 |
| secret | string [ 1 .. 64 ] characters 预共享密钥(authby=secret 时必填) |
| leftid required | string [ 1 .. 100 ] characters ^[a-zA-Z0-9@.-]+$ 本地标识符 |
| rightid | string <= 100 characters ^[a-zA-Z0-9@.-]+$ 远端标识符 |
| username | string [ 1 .. 64 ] characters ^[a-zA-Z0-9_-]+$ 用户名(authby=mschapv2 时必填,1-64字符) |
| passwd | string [ 1 .. 64 ] characters 密码(authby=mschapv2 时必填,1-64字符) |
| check_link_mode required | integer [ 1 .. 6 ] Default: 2 Enum: 1 2 3 4 5 6 线路检测模式 |
| check_link_host required | string <hostname> Default: "www.baidu.com" 线路检测地址 |
{- "enabled": "yes",
- "name": "ikev2_client_001",
- "comment": "主办公室VPN连接",
- "remote_addr": "vpn.example.com",
- "interface": "wan1",
- "authby": "mschapv2",
- "secret": "verystrongkey",
- "leftid": "localikev2",
- "rightid": "remoteikev2",
- "username": "vpnuser",
- "passwd": "vpnpassword",
- "check_link_mode": 2,
- "check_link_host": "www.baidu.com"
}{- "code": 0,
- "message": "Success"
}根据ID获取单个IKEv2客户端的详细配置信息。 需要提供有效的客户端ID。
| id required | integer <int64> >= 1 Example: 1 IKEv2客户端ID |
{- "message": "Success",
- "results": {
- "total": 1,
- "data": [
- {
- "id": 1,
- "enabled": "yes",
- "name": "ikev2_client",
- "comment": "主办公室VPN连接",
- "remote_addr": "vpn.example.com",
- "interface": "wan1",
- "mtu": 1400,
- "authby": "mschapv2",
- "aggressive": "yes",
- "secret": "verystrongkey",
- "leftid": "localikev2",
- "rightid": "remoteikev2",
- "username": "vpnuser",
- "passwd": "vpnpassword",
- "check_link_mode": 2,
- "check_link_host": "www.baidu.com",
- "ip_addr": ""
}
]
}
}完全更新现有的IKEv2客户端配置。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
| id required | integer <int64> >= 1 Example: 1 IKEv2客户端ID |
完整的IKEv2客户端配置数据
| id required | integer <int64> >= 1 客户端ID |
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| name required | string [ 5 .. 15 ] characters ^iked[a-zA-Z0-9_]*$ 客户端名称,必须以iked开头,仅支持英文、数字、下划线,总长度5-15字符,不可重复 |
| comment | string [ 0 .. 64 ] characters 备注信息,最多64个字符,不支持特殊字符 |
| remote_addr required | string <hostname> 远端服务器地址 |
| interface required | string [ 1 .. 20 ] characters ^[a-zA-Z0-9_-]+$ 绑定的网络接口 |
| authby required | string Default: "mschapv2" Enum: "secret" "mschapv2" 认证方式 |
| secret | string [ 1 .. 64 ] characters 预共享密钥(authby=secret 时必填) |
| leftid required | string [ 1 .. 100 ] characters 本地标识符 |
| rightid | string <= 100 characters 远端标识符 |
| username | string [ 1 .. 64 ] characters 用户名(authby=mschapv2 时必填,1-64字符) |
| passwd | string [ 1 .. 64 ] characters 密码(authby=mschapv2 时必填,1-64字符) |
| check_link_mode required | integer [ 1 .. 6 ] Default: 1 Enum: 1 2 3 4 5 6 线路检测模式 |
| check_link_host required | string <hostname> Default: "www.baidu.com" 线路检测地址 |
{- "id": 1,
- "enabled": "yes",
- "name": "ikedclient",
- "comment": "主办公室VPN连接",
- "remote_addr": "vpn.example.com",
- "interface": "wan1",
- "authby": "mschapv2",
- "secret": "verystrongkey",
- "leftid": "localikev2",
- "rightid": "remoteikev2",
- "username": "vpnuser",
- "passwd": "vpnpassword",
- "check_link_mode": 1,
- "check_link_host": "www.baidu.com"
}{- "code": 0,
- "message": "Success"
}部分更新现有的IKEv2客户端配置。 主要用于启用/停用客户端状态。
| id required | integer <int64> >= 1 Example: 1 IKEv2客户端ID |
部分更新数据(如启用状态)
| enabled required | string Enum: "yes" "no" 客户端启用状态 |
{- "enabled": "yes"
}{- "code": 0,
- "message": "Success"
}获取所有IPSEC客户端配置列表。 支持分页、排序、模糊匹配和过滤功能。
| page | integer >= 1 Default: 1 Example: page=1 页码(从1开始) |
| limit | integer >= 1 Default: 20 Example: limit=20 每页记录数 |
| order | string Default: "asc" Enum: "asc" "desc" Example: order=asc 排序方向,asc为升序(默认),desc为降序 |
| order_by | string Default: "id" Example: order_by=id 排序字段,支持id、name、remote_addr、interface等字段 |
| key | string Enum: "name" "comment" "remote_addr" "interface" "authby" "leftsubnet" "rightsubnet" "leftid" "rightid" Example: key=name 模糊匹配字段名称,与 pattern 参数联合使用 |
| pattern | string Example: pattern=test 模糊匹配内容,与 key 参数联合使用 |
| filter | string Example: filter=enabled==yes 过滤条件,支持精确匹配和多条件组合。 支持的操作符:==、!=、>、>=、<、<= 多条件连接语法:
使用示例:
|
{- "message": "Success",
- "results": {
- "total": 25,
- "data": [
- {
- "id": 1,
- "name": "ipsecoffice",
- "comment": "主办公室IPSec_VPN连接",
- "remote_addr": "vpn.ikuai.cn",
- "authby": "secret",
- "leftsubnet": "192.168.1.0/24",
- "rightsubnet": "192.168.99.0/24",
- "interface": "wan1",
- "enabled": "yes",
- "keyexchange": "ikev2",
- "aggressive": "0",
- "keyingtries": 3,
- "ikelifetime": 3,
- "ike_enc": "aes256",
- "ike_auth": "sha256",
- "ike_dh": "modp2048",
- "secret": "sharedsecret123",
- "leftid": "localgateway",
- "rightid": "remotegateway",
- "privatekey": "",
- "leftcert": "",
- "rightcert": "",
- "lifetime": 1,
- "esp_enc": "aes256",
- "esp_auth": "sha256",
- "dpdaction": "none",
- "dpddelay": 30,
- "dpdtimeout": 150,
- "compress": "0",
- "status": 1
}
]
}
}添加新的IPSEC VPN客户端配置。
条件必填字段:
aggressive:当 keyexchange=ikev1 时必填,枚举值 0|1secret:当 authby=secret 时必填leftid、rightid、privatekey、leftcert、rightcert:当 authby=pubkey 时必填dpddelay、dpdtimeout:当 dpdaction 不为 none 时必填remote_addr:当 leftid 和 rightid 不同时存在时必填IPSEC客户端配置数据
| name required | string [ 6 .. 16 ] characters ^ipsec[a-zA-Z0-9_]*$ 客户端名称,必须以ipsec开头,仅支持英文、数字、下划线,总长度6-16字符,不可重复 |
| comment | string <= 64 characters 备注信息,最多64个字符,不支持特殊字符 |
| remote_addr | string 远端服务器地址,支持IPv4/IPv6/域名 |
| authby required | string Enum: "secret" "pubkey" 认证方式,secret为预共享密钥,pubkey为证书认证 |
| leftsubnet required | string 本地子网,格式为IP/掩码 |
| rightsubnet required | string 远端子网,支持多个IP/掩码,逗号分隔,不可重复;IKEv1模式下不支持多子网 |
| interface required | string 绑定的网络接口,auto表示自动选择,或指定WAN接口名称 |
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| keyexchange required | string Enum: "ikev1" "ikev2" 密钥交换协议版本 |
| aggressive | string Enum: "0" "1" 激进模式,0为关闭,1为开启;当 keyexchange=ikev1 时必填 |
| ikelifetime required | integer [ 1 .. 72 ] IKE密钥生命周期(小时) |
| ike_enc | string Enum: "" "aes128" "aes192" "aes256" "3des" "des" IKE加密算法,留空表示使用默认算法组合 |
| ike_auth | string Enum: "" "md5" "sha1" "sha256" "sha512" IKE认证算法,留空表示使用默认算法组合 |
| ike_dh | string Enum: "" "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" IKE DH组,留空表示使用默认DH组 |
| secret | string <= 64 characters 预共享密钥,authby=secret时必填,最大64字符 |
| leftid | string <= 100 characters 本地标识符,authby=pubkey时必填,最大100字符 |
| rightid | string <= 100 characters 对方标识符,authby=pubkey时必填,最大100字符 |
| privatekey | string 私钥内容,authby=pubkey时必填 |
| leftcert | string 本地证书内容,authby=pubkey时必填 |
| rightcert | string 远端证书内容,authby=pubkey时必填 |
| lifetime required | integer [ 1 .. 72 ] IPSec SA生命周期(小时) |
| esp_enc | string Enum: "" "aes128" "aes192" "aes256" "3des" "des" ESP加密算法,留空表示使用默认算法组合 |
| esp_auth | string Enum: "" "md5" "sha1" "sha256" "sha512" ESP认证算法,留空表示使用默认算法组合 |
| dpdaction required | string Enum: "none" "clear" "hold" "restart" DPD操作,none表示不启用DPD |
| dpddelay | integer [ 5 .. 300 ] DPD检测间隔(秒),dpdaction不为none时必填,范围5-300 |
| dpdtimeout | integer [ 60 .. 600 ] DPD超时时间(秒),dpdaction不为none时必填 |
| compress required | string Enum: "0" "1" 数据压缩,0为关闭,1为开启 |
{- "name": "ipsecoffice",
- "comment": "主办公室IPSec_VPN连接",
- "remote_addr": "vpn.ikuai.cn",
- "authby": "secret",
- "leftsubnet": "192.168.1.0/24",
- "rightsubnet": "192.168.99.0/24",
- "interface": "wan1",
- "enabled": "yes",
- "keyexchange": "ikev2",
- "aggressive": "0",
- "ikelifetime": 3,
- "ike_enc": "aes256",
- "ike_auth": "sha256",
- "ike_dh": "modp2048",
- "secret": "sharedsecret123",
- "lifetime": 1,
- "esp_enc": "aes256",
- "esp_auth": "sha256",
- "dpdaction": "none",
- "compress": "0"
}{- "message": "Success"
}根据ID获取单个IPSEC客户端的详细配置信息。
| id required | integer <int64> >= 1 Example: 1 IPSEC客户端ID |
{- "message": "Success",
- "results": {
- "total": 1,
- "data": [
- {
- "id": 1,
- "name": "ipsecoffice",
- "comment": "主办公室IPSec_VPN连接",
- "remote_addr": "vpn.ikuai.cn",
- "authby": "secret",
- "leftsubnet": "192.168.1.0/24",
- "rightsubnet": "192.168.99.0/24",
- "interface": "wan1",
- "enabled": "yes",
- "keyexchange": "ikev2",
- "aggressive": "0",
- "keyingtries": 3,
- "ikelifetime": 3,
- "ike_enc": "aes256",
- "ike_auth": "sha256",
- "ike_dh": "modp2048",
- "secret": "sharedsecret123",
- "leftid": "localgateway",
- "rightid": "remotegateway",
- "privatekey": "",
- "leftcert": "",
- "rightcert": "",
- "lifetime": 1,
- "esp_enc": "aes256",
- "esp_auth": "sha256",
- "dpdaction": "none",
- "dpddelay": 30,
- "dpdtimeout": 150,
- "compress": "0",
- "status": 1
}
]
}
}完全更新现有的IPSEC客户端配置。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
| id required | integer <int64> >= 1 Example: 1 IPSEC客户端ID |
完整的IPSEC客户端配置数据
| id required | integer <int64> >= 1 客户端ID |
| name required | string [ 6 .. 16 ] characters ^ipsec[a-zA-Z0-9_]*$ 客户端名称,必须以ipsec开头,仅支持英文、数字、下划线,总长度6-16字符,不可重复 |
| comment required | string <= 64 characters 备注信息,最多64个字符,不支持特殊字符 |
| remote_addr required | string 远端服务器地址,支持IPv4/IPv6/域名 |
| authby required | string Enum: "secret" "pubkey" 认证方式,secret为预共享密钥,pubkey为证书认证 |
| leftsubnet required | string 本地子网,格式为IPv4/掩码 |
| rightsubnet required | string 远端子网,支持多个IPv4/掩码,逗号分隔,不可重复;IKEv1模式下不支持多子网 |
| interface required | string 绑定的网络接口,auto表示自动选择,或指定WAN接口名称 |
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| keyexchange required | string Enum: "ikev1" "ikev2" 密钥交换协议版本 |
| aggressive required | string Enum: "0" "1" 激进模式,0为关闭,1为开启;keyexchange=ikev1 时生效 |
| ikelifetime required | integer [ 1 .. 72 ] IKE密钥生命周期(小时) |
| ike_enc required | string Enum: "" "aes128" "aes192" "aes256" "3des" "des" IKE加密算法,留空表示使用默认算法组合 |
| ike_auth required | string Enum: "" "md5" "sha1" "sha256" "sha512" IKE认证算法,留空表示使用默认算法组合 |
| ike_dh required | string Enum: "" "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" IKE DH组,留空表示使用默认DH组 |
| secret required | string <= 64 characters 预共享密钥,authby=secret时必填,最大64字符;authby=pubkey时传空值 |
| leftid required | string <= 100 characters 本地标识符,authby=pubkey时必填,最大100字符;authby=secret时传空值 |
| rightid required | string <= 100 characters 对方标识符,authby=pubkey时必填,最大100字符;authby=secret时传空值 |
| privatekey required | string 私钥内容,authby=pubkey时必填;authby=secret时传空值 |
| leftcert required | string 本地证书内容,authby=pubkey时必填;authby=secret时传空值 |
| rightcert required | string 远端证书内容,authby=pubkey时必填;authby=secret时传空值 |
| lifetime required | integer [ 1 .. 72 ] IPSec SA生命周期(小时) |
| esp_enc required | string Enum: "" "aes128" "aes192" "aes256" "3des" "des" ESP加密算法,留空表示使用默认算法组合 |
| esp_auth required | string Enum: "" "md5" "sha1" "sha256" "sha512" ESP认证算法,留空表示使用默认算法组合 |
| dpdaction required | string Enum: "none" "clear" "hold" "restart" DPD操作,none表示不启用DPD |
| dpddelay required | integer [ 5 .. 300 ] DPD检测间隔(秒),dpdaction不为none时生效,范围5-300;dpdaction=none时传0 |
| dpdtimeout required | integer [ 60 .. 600 ] DPD超时时间(秒),dpdaction不为none时生效,范围60-600;dpdaction=none时传0 |
| compress required | string Enum: "0" "1" 数据压缩,0为关闭,1为开启 |
{- "id": 1,
- "name": "ipsecoffice",
- "comment": "主办公室IPSec_VPN连接",
- "remote_addr": "vpn.ikuai.cn",
- "authby": "secret",
- "leftsubnet": "192.168.1.0/24",
- "rightsubnet": "192.168.99.0/24",
- "interface": "wan1",
- "enabled": "yes",
- "keyexchange": "ikev2",
- "aggressive": "0",
- "ikelifetime": 3,
- "ike_enc": "aes256",
- "ike_auth": "sha256",
- "ike_dh": "modp2048",
- "secret": "sharedsecret123",
- "leftid": "localgateway",
- "rightid": "remotegateway",
- "privatekey": "",
- "leftcert": "",
- "rightcert": "",
- "lifetime": 1,
- "esp_enc": "aes256",
- "esp_auth": "sha256",
- "dpdaction": "none",
- "dpddelay": 30,
- "dpdtimeout": 150,
- "compress": "0"
}{- "code": 0,
- "message": "success"
}部分更新现有的IPSEC客户端配置。 主要用于启用/停用客户端状态。
| id required | integer <int64> >= 1 Example: 1 IPSEC客户端ID |
部分更新数据(如启用状态)
| enabled required | string Enum: "yes" "no" 客户端启用状态 |
{- "enabled": "yes"
}{- "code": 0,
- "message": "success"
}获取所有L2TP客户端配置列表。 支持分页、排序、模糊匹配和过滤功能。
| page | integer >= 1 Default: 1 Example: page=1 页码(从1开始) |
| limit | integer >= 1 Default: 20 Example: limit=20 每页记录数 |
| order | string Default: "asc" Enum: "asc" "desc" Example: order=asc 排序方向,asc为升序(默认),desc为降序 |
| order_by | string Default: "id" Example: order_by=id 排序字段,支持id、name、server、interface等字段 |
| key | string Enum: "name" "comment" "server" "interface" "username" "ipsec_secret" "leftid" "rightid" Example: key=name 模糊匹配字段名称,支持name、comment、server、interface、username等字段 |
| pattern | string Example: pattern=test 模糊匹配内容 |
| filter | string Example: filter=enabled==yes 过滤条件,支持精确匹配和多条件组合。 支持的操作符:==、!=、>、>=、<、<= 多条件连接语法:
使用示例:
|
{- "message": "Success",
- "results": {
- "total": 25,
- "data": [
- {
- "id": 1,
- "enabled": "yes",
- "name": "l2tp1",
- "comment": "主办公室L2TPVPN连接",
- "server": "vpn.example.com",
- "server_port": 1701,
- "username": "vpnuser",
- "passwd": "vpnpassword123",
- "ipsec_secret": "ipseckey123",
- "interface": "wan1",
- "leftid": "locall2tp",
- "rightid": "remotel2tp",
- "mtu": 1400,
- "mru": 1400,
- "check_link_mode": 2,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": 0,
- "timing_rst_week": "1234567",
- "timing_rst_time": "12:00",
- "cycle_rst_time": 0,
- "upload": 0,
- "download": 0,
- "updatetime": "",
- "dns1": "",
- "dns2": "",
- "mppe": "",
- "gateway": "",
- "ip_addr": ""
}
]
}
}添加新的L2TP VPN客户端配置。 支持IPSec加密和带宽控制功能。
L2TP客户端配置数据
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| name required | string [ 4 .. 15 ] characters ^l2tp[a-zA-Z0-9_-]*$ 客户端名称(必须以l2tp开头) |
| comment | string [ 0 .. 64 ] characters 备注信息,最多64个字符,不支持特殊字符 |
| server required | string [ 1 .. 128 ] characters L2TP服务器地址 |
| server_port required | integer [ 1 .. 65535 ] Default: 1701 L2TP服务器端口 |
| username required | string [ 1 .. 100 ] characters 用户名 |
| passwd required | string [ 1 .. 64 ] characters 密码 |
| ipsec_secret | string [ 1 .. 64 ] characters IPSec预共享密钥 |
| interface required | string [ 1 .. 20 ] characters ^[a-zA-Z0-9_-]+$ 绑定的网络接口 |
| leftid | string <= 100 characters IPSec本地标识符(可选为空) |
| rightid | string <= 100 characters IPSec对端标识符(可选为空) |
| mtu required | integer [ 1000 .. 1492 ] Default: 1400 MTU值 |
| mru required | integer [ 1000 .. 1492 ] Default: 1400 MRU值 |
| check_link_mode required | integer [ 0 .. 6 ] Default: 2 Enum: 0 1 2 3 4 5 6 线路检测模式 |
| check_link_host required | string Default: "www.baidu.com" 线路检测地址 |
| timing_rst_switch | integer Default: 0 Enum: 0 1 定时重拨开关,0为关闭,1为开启(可选) |
| timing_rst_week | string^[1-7]+$ Default: "1234567" 定时重拨星期设置(1-7代表周一到周日,timing_rst_switch=1时必填) |
| timing_rst_time | string^([0-1]?[0-9]|2[0-3]):[0-5][0-9]$ Default: "12:00" 定时重拨时间(HH:MM格式,timing_rst_switch=1时必填) |
| cycle_rst_time required | integer [ 0 .. 500000 ] Default: 0 周期重连时间(分钟),0表示无限(可选) |
{- "enabled": "yes",
- "name": "l2tp_main_office",
- "comment": "主办公室L2TPVPN连接",
- "server": "vpn.example.com",
- "server_port": 1701,
- "username": "vpnuser",
- "passwd": "vpnpassword123",
- "ipsec_secret": "ipseckey123",
- "interface": "wan1",
- "leftid": "locall2tp",
- "rightid": "remotel2tp",
- "upload": 10000,
- "download": 50000,
- "mtu": 1400,
- "mru": 1400,
- "check_link_mode": 2,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": 0,
- "timing_rst_week": "1234567",
- "timing_rst_time": "12:00",
- "cycle_rst_time": 0
}{- "code": 0,
- "message": "Success",
- "rowid": 1
}根据ID获取单个L2TP客户端的详细配置信息。 需要提供有效的客户端ID。
| id required | integer <int64> >= 1 Example: 1 L2TP客户端ID |
{- "message": "Success",
- "results": {
- "total": 1,
- "data": [
- {
- "id": 1,
- "enabled": "yes",
- "name": "l2tp1",
- "comment": "主办公室L2TPVPN连接",
- "server": "vpn.example.com",
- "server_port": 1701,
- "username": "vpnuser",
- "passwd": "vpnpassword123",
- "ipsec_secret": "ipseckey123",
- "interface": "wan1",
- "leftid": "locall2tp",
- "rightid": "remotel2tp",
- "mtu": 1400,
- "mru": 1400,
- "check_link_mode": 2,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": 0,
- "timing_rst_week": "1234567",
- "timing_rst_time": "12:00",
- "cycle_rst_time": 0,
- "upload": 0,
- "download": 0,
- "updatetime": "",
- "dns1": "",
- "dns2": "",
- "mppe": "",
- "gateway": "",
- "ip_addr": ""
}
]
}
}完全更新现有的L2TP客户端配置。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
| id required | integer <int64> >= 1 Example: 1 L2TP客户端ID |
完整的L2TP客户端配置数据
| id required | integer <int64> >= 1 客户端ID |
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| name required | string [ 4 .. 15 ] characters ^l2tp[a-zA-Z0-9_-]*$ 客户端名称(必须以l2tp开头) |
| comment required | string [ 0 .. 64 ] characters 备注信息,最多64个字符,不支持特殊字符 |
| server required | string [ 1 .. 128 ] characters L2TP服务器地址 |
| server_port required | integer [ 1 .. 65535 ] Default: 1701 L2TP服务器端口 |
| username required | string [ 1 .. 100 ] characters 用户名 |
| passwd required | string [ 1 .. 64 ] characters 密码 |
| ipsec_secret required | string <= 64 characters IPSec预共享密钥(可选为空) |
| interface required | string [ 1 .. 20 ] characters ^[a-zA-Z0-9_-]+$ 绑定的网络接口 |
| leftid required | string <= 100 characters IPSec本地标识符(可选为空) |
| rightid required | string <= 100 characters IPSec对端标识符(可选为空) |
| mtu required | integer [ 1000 .. 1492 ] Default: 1400 MTU值 |
| mru required | integer [ 1000 .. 1492 ] Default: 1400 MRU值 |
| check_link_mode required | integer [ 1 .. 6 ] Default: 1 Enum: 1 2 3 4 5 6 线路检测模式 |
| check_link_host required | string Default: "www.baidu.com" 线路检测地址 |
| timing_rst_switch required | integer Default: 0 Enum: 0 1 定时重拨开关,0为关闭,1为开启 |
| timing_rst_week required | string^[1-7]+$ Default: "1234567" 定时重拨星期设置(1-7代表周一到周日,timing_rst_switch=1时必填) |
| timing_rst_time required | string^([0-1]?[0-9]|2[0-3]):[0-5][0-9]$ Default: "12:00" 定时重拨时间(HH:MM格式,timing_rst_switch=1时必填) |
| cycle_rst_time required | integer [ 0 .. 500000 ] Default: 0 周期重连时间(分钟),0表示无限 |
{- "id": 1,
- "enabled": "yes",
- "name": "l2tp1",
- "comment": "主办公室L2TP_VPN连接",
- "server": "vpn.example.com",
- "server_port": 1701,
- "username": "vpnuser",
- "passwd": "vpnpassword123",
- "ipsec_secret": "ipseckey123",
- "interface": "wan1",
- "leftid": "locall2tp",
- "rightid": "remotel2tp",
- "mtu": 1400,
- "mru": 1400,
- "check_link_mode": 1,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": 0,
- "timing_rst_week": "1234567",
- "timing_rst_time": "12:00",
- "cycle_rst_time": 0
}{- "code": 0,
- "message": "Success"
}部分更新现有的L2TP客户端配置。 主要用于启用/停用客户端状态。
| id required | integer <int64> >= 1 Example: 1 L2TP客户端ID |
部分更新数据(如启用状态)
| enabled required | string Enum: "yes" "no" 客户端启用状态 |
{- "enabled": "yes"
}{- "code": 0,
- "message": "Success"
}获取所有OpenVPN客户端配置列表。 支持分页、排序、模糊匹配和过滤功能。
| page | integer >= 1 Default: 1 Example: page=1 页码(从1开始) |
| limit | integer >= 1 Default: 20 Example: limit=20 每页记录数 |
| order | string Default: "asc" Enum: "asc" "desc" Example: order=asc 排序方向,asc为升序(默认),desc为降序 |
| order_by | string Default: "id" Example: order_by=id 排序字段,支持id、name、remote_addr、interface等字段 |
| key | string Enum: "name" "comment" "remote_addr" "interface" "username" "proto" "dev_type" "cipher" Example: key=name 模糊匹配字段名称,与 pattern 参数联合使用 |
| pattern | string Example: pattern=test 模糊匹配内容,与 key 参数联合使用 |
| filter | string Example: filter=enabled==yes 过滤条件,支持精确匹配和多条件组合。 支持的操作符:==、!=、>、>=、<、<= 多条件连接语法:
使用示例:
|
{- "message": "Success",
- "results": {
- "total": 25,
- "data": [
- {
- "id": 1,
- "name": "ovpn_office",
- "comment": "主办公室OpenVPN连接",
- "remote_addr": "vpn.ikuai.cn",
- "remote_port": 1194,
- "username": "vpnuser",
- "password": "vpnpassword",
- "interface": "wan1",
- "enabled": "yes",
- "proto": "udp",
- "dev_type": "tun",
- "cipher": "AES-256-CBC",
- "method": 0,
- "tls_auth": "",
- "ca": "-----BEGIN#CERTIFICATE-----@MIIDQTCCAimgAwIBAgIJAMqVcmi6/37xMA0GCSqGSIb3DQEBCwUAMDcxCzAJBgNV@BAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgRGV2aWNlIENB@MB4XDTI2MDIwNjEwMzExMFoXDTM2MDIwNDEwMzExMFowNzELMAkGA1UEBhMCQ04x@DjAMBgNVBAoMBWlLdWFpMRgwFgYDVQQDDA9pS3VhaSBEZXZpY2UgQ0EwggEiMA0G@CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeCJGD4jX3PY5IdOYRv0gxfYPYikOc@hQkF5XAWQZgFxnuelDEkzl7RCOFVqsnwY/npOzI7VSsyLACPNkOdvyEvO+QGfRli@3zx0EfwRHGhLQbt/TDT0D9IZCab2oswdYjORtXcIe5dT3j2i8M2vv6wnJ7ip8GKu@ahfgJzakBZIRcQyEopTCmNbC5VAdCb/gQ0ezPnogPG6pbxxgE8OJIGH0+IgMFFTv@0wKVOCyHJgZNAZNnzP3yi5SCJvBnfU4wadXDAztGtq5El5l2lBP7s3KH65u0M/46@wo5NHyxZhn+M8S86EE4RkAeHI+1FqJASjW9ivNTRphFZMyW/Q4qbdEtrAgMBAAGj@UDBOMB0GA1UdDgQWBBRYp/q+2podeA2lc3khLBN+RGf+5TAfBgNVHSMEGDAWgBRY@p/q+2podeA2lc3khLBN+RGf+5TAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA@A4IBAQCHj5mxVYnaQcvMpjpWdXBS6XVpdiRpuqzRoqOYEnhzXOwwqnJ/EkJwa0RH@wFZUZrQC9bbxnIz+9kmlQKoTwtzzd9GVZeb3JeU9fcd/1BJdRLRiqqXw1EW0+QOV@7NCP1NqVMUsornypW1Y0JPcNfcvx/+oQXIIsS3EjOn+ye3ZASSRNi6+4zXNX2l53@8revjpAVnww0FS/zDeFGD9c9n6aYxvLxqXaBgNO3eOb2EAQAuNwncOvXZ9hBY8rz@A9jTuDVM1inhzROPguwt+j2moZedLm8DRgQxHjIkVvIOsq/50ApOVlGBCHjGJsay@tj3+p42yHrbmuCKvE6cCc0m2fhpw@-----END#CERTIFICATE-----@",
- "cert": "-----BEGIN#CERTIFICATE-----@MIIDWjCCAkKgAwIBAgIJAOclientCertDemoMA0GCSqGSIb3DQEBCwUAMDcxCzAJ@BgNVBAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgQ2xpZW50@Q0EwHhcNMjYwMjA2MTAzMTEwWhcNMzYwMjA0MTAzMTEwWjA6MQswCQYDVQQGEwJD@TjEOMAwGA1UECgwFaUt1YWkxGzAZBgNVBAMMEm9wZW52cG4tY2xpZW50LWNlcnQw@ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCclientCertDemoData@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@AgMBAAGjUDBOMB0GA1UdDgQWBBRclientCertDemo1111111111111111111111@MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAzzzzyyyyxxxxwwww@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@-----END#CERTIFICATE-----@",
- "key": "-----BEGIN#RSA#PRIVATE#KEY-----@MIIEowIBAAKCAQEAsclientPrivateKeyDemoData1111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@3333333333333333333333333333333333333333333333333333333333333333@AoIBAFclientPrivateKeyDemoPayload444444444444444444444444444444444@5555555555555555555555555555555555555555555555555555555555555555@6666666666666666666666666666666666666666666666666666666666666666@-----END#RSA#PRIVATE#KEY-----@",
- "redirect_gateway": "",
- "accept_push_route": "0",
- "route": "192.168.1.0/24",
- "comp_lzo": "1",
- "tun_mtu": 1400,
- "tunnel_ip": "10.8.0.2",
- "check_link_mode": 1,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": "0",
- "timing_rst_week": "",
- "timing_rst_time": "",
- "extra_config": ""
}
]
}
}添加新的OpenVPN客户端配置。
条件必填字段:
username、password:当 method=0(账号认证)时必填tls_auth、cert、key:当 method=1(tls-auth)或 method=2(tls-crypt)时必填timing_rst_week、timing_rst_time:当 timing_rst_switch=1 时必填ca:使用转义后的单行 PEM 字符串,原始换行替换为 @,原始空格替换为 #OpenVPN客户端配置数据
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| name required | string [ 5 .. 15 ] characters ^ovpn[0-9A-Za-z_]{1,11}$ 客户端连接名称,必须以ovpn开头,仅支持英文、数字、下划线,5-15字符,不可重复 |
| comment | string <= 64 characters 备注信息,最多64个字符 |
| remote_addr required | string OpenVPN服务器地址,支持IPv4、IPv6或域名 |
| remote_port required | integer [ 1 .. 65535 ] OpenVPN服务器端口 |
| method required | integer Enum: 0 1 2 认证方式,0=账号认证,1=tls-auth,2=tls-crypt |
| username | string <= 60 characters 用户名,method=0时必填 |
| password | string <= 64 characters 密码,method=0时必填 |
| interface required | string 绑定的网络接口,auto表示自动选择,或指定WAN接口名称 |
| proto required | string Enum: "udp" "tcp" 传输协议 |
| dev_type required | string Enum: "tun" "tap" 设备类型 |
| cipher required | string Enum: "BF-CBC" "BF-CFB" "BF-OFB" "DES-CFB" "DES-CBC" "RC2-CBC" "RC2-CFB" "RC2-OFB" "DES-EDE-CBC" "DES-EDE3-CBC" "DES-OFB" "DES-EDE-CFB" "DES-EDE3-CFB" "DES-EDE-OFB" "DES-EDE3-OFB" "DESX-CBC" "RC2-40-CBC" "CAST5-CBC" "CAST5-CFB" "CAST5-OFB" "RC2-64-CBC" "AES-128-CBC" "AES-128-OFB" "AES-128-CFB" "AES-192-CBC" "AES-192-OFB" "AES-192-CFB" "AES-256-CBC" "AES-256-OFB" "AES-256-CFB" "AES-128-CFB1" "AES-192-CFB1" "AES-256-CFB1" "AES-128-CFB8" "AES-192-CFB8" "AES-256-CFB8" "AES-256-GCM" "DES-CFB1" "DES-CFB8" "DES-EDE3-CFB1" "DES-EDE3-CFB8" "SEED-CBC" "SEED-OFB" "SEED-CFB" "none" 加密算法 |
| tls_auth | string 静态密钥,method=1或method=2时必填 |
| ca required | string CA证书,使用转义后的单行 PEM 字符串传递:
|
| cert | string 客户端证书,method=1 或 method=2 时必填,使用转义后的单行 PEM 字符串传递:
|
| key | string 客户端私钥,method=1 或 method=2 时必填,使用转义后的单行 PEM 字符串传递:
|
| redirect_gateway | string 重定向网关,1为开启 |
| accept_push_route required | string Enum: "0" "1" 是否接受路由推送,0为拒绝,1为接受 |
| route | string 自定义路由,多条逗号分隔,格式为IP/掩码 |
| comp_lzo required | string Enum: "0" "1" LZO压缩,0为关闭,1为开启 |
| tun_mtu required | integer [ 1000 .. 1500 ] 隧道MTU |
| check_link_mode required | integer Enum: 1 2 3 4 5 6 线路检测模式 |
| check_link_host required | string 线路检测地址,支持IPv4或域名 |
| timing_rst_switch required | string Enum: "" "0" "1" 定时重拨开关,空或0为关闭,1为开启 |
| timing_rst_week | string 定时重拨星期,timing_rst_switch=1时必填,1-7代表周一到周日 |
| timing_rst_time | string 定时重拨时间,timing_rst_switch=1时必填,HH:MM格式 |
| extra_config | string 附加配置参数 |
{- "enabled": "yes",
- "name": "ovpn_office",
- "comment": "主办公室OpenVPN连接",
- "remote_addr": "vpn.ikuai.cn",
- "remote_port": 1194,
- "method": 0,
- "username": "vpnuser",
- "password": "vpnpassword",
- "interface": "wan1",
- "proto": "udp",
- "dev_type": "tun",
- "cipher": "AES-256-CBC",
- "comp_lzo": "1",
- "tun_mtu": 1400,
- "ca": "-----BEGIN#CERTIFICATE-----@MIIDQTCCAimgAwIBAgIJAMqVcmi6/37xMA0GCSqGSIb3DQEBCwUAMDcxCzAJBgNV@BAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgRGV2aWNlIENB@MB4XDTI2MDIwNjEwMzExMFoXDTM2MDIwNDEwMzExMFowNzELMAkGA1UEBhMCQ04x@DjAMBgNVBAoMBWlLdWFpMRgwFgYDVQQDDA9pS3VhaSBEZXZpY2UgQ0EwggEiMA0G@CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeCJGD4jX3PY5IdOYRv0gxfYPYikOc@hQkF5XAWQZgFxnuelDEkzl7RCOFVqsnwY/npOzI7VSsyLACPNkOdvyEvO+QGfRli@3zx0EfwRHGhLQbt/TDT0D9IZCab2oswdYjORtXcIe5dT3j2i8M2vv6wnJ7ip8GKu@ahfgJzakBZIRcQyEopTCmNbC5VAdCb/gQ0ezPnogPG6pbxxgE8OJIGH0+IgMFFTv@0wKVOCyHJgZNAZNnzP3yi5SCJvBnfU4wadXDAztGtq5El5l2lBP7s3KH65u0M/46@wo5NHyxZhn+M8S86EE4RkAeHI+1FqJASjW9ivNTRphFZMyW/Q4qbdEtrAgMBAAGj@UDBOMB0GA1UdDgQWBBRYp/q+2podeA2lc3khLBN+RGf+5TAfBgNVHSMEGDAWgBRY@p/q+2podeA2lc3khLBN+RGf+5TAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA@A4IBAQCHj5mxVYnaQcvMpjpWdXBS6XVpdiRpuqzRoqOYEnhzXOwwqnJ/EkJwa0RH@wFZUZrQC9bbxnIz+9kmlQKoTwtzzd9GVZeb3JeU9fcd/1BJdRLRiqqXw1EW0+QOV@7NCP1NqVMUsornypW1Y0JPcNfcvx/+oQXIIsS3EjOn+ye3ZASSRNi6+4zXNX2l53@8revjpAVnww0FS/zDeFGD9c9n6aYxvLxqXaBgNO3eOb2EAQAuNwncOvXZ9hBY8rz@A9jTuDVM1inhzROPguwt+j2moZedLm8DRgQxHjIkVvIOsq/50ApOVlGBCHjGJsay@tj3+p42yHrbmuCKvE6cCc0m2fhpw@-----END#CERTIFICATE-----@",
- "accept_push_route": "0",
- "route": "",
- "timing_rst_switch": "0",
- "check_link_mode": 1,
- "check_link_host": "www.baidu.com",
- "extra_config": ""
}{- "message": "Success"
}根据ID获取单个OpenVPN客户端的详细配置信息。
| id required | integer <int64> >= 1 Example: 1 OpenVPN客户端ID |
{- "message": "Success",
- "results": {
- "total": 1,
- "data": [
- {
- "id": 1,
- "name": "ovpn_office",
- "comment": "主办公室OpenVPN连接",
- "remote_addr": "vpn.ikuai.cn",
- "remote_port": 1194,
- "username": "vpnuser",
- "password": "vpnpassword",
- "interface": "wan1",
- "enabled": "yes",
- "proto": "udp",
- "dev_type": "tun",
- "cipher": "AES-256-CBC",
- "method": 0,
- "tls_auth": "",
- "ca": "-----BEGIN#CERTIFICATE-----@MIIDQTCCAimgAwIBAgIJAMqVcmi6/37xMA0GCSqGSIb3DQEBCwUAMDcxCzAJBgNV@BAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgRGV2aWNlIENB@MB4XDTI2MDIwNjEwMzExMFoXDTM2MDIwNDEwMzExMFowNzELMAkGA1UEBhMCQ04x@DjAMBgNVBAoMBWlLdWFpMRgwFgYDVQQDDA9pS3VhaSBEZXZpY2UgQ0EwggEiMA0G@CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeCJGD4jX3PY5IdOYRv0gxfYPYikOc@hQkF5XAWQZgFxnuelDEkzl7RCOFVqsnwY/npOzI7VSsyLACPNkOdvyEvO+QGfRli@3zx0EfwRHGhLQbt/TDT0D9IZCab2oswdYjORtXcIe5dT3j2i8M2vv6wnJ7ip8GKu@ahfgJzakBZIRcQyEopTCmNbC5VAdCb/gQ0ezPnogPG6pbxxgE8OJIGH0+IgMFFTv@0wKVOCyHJgZNAZNnzP3yi5SCJvBnfU4wadXDAztGtq5El5l2lBP7s3KH65u0M/46@wo5NHyxZhn+M8S86EE4RkAeHI+1FqJASjW9ivNTRphFZMyW/Q4qbdEtrAgMBAAGj@UDBOMB0GA1UdDgQWBBRYp/q+2podeA2lc3khLBN+RGf+5TAfBgNVHSMEGDAWgBRY@p/q+2podeA2lc3khLBN+RGf+5TAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA@A4IBAQCHj5mxVYnaQcvMpjpWdXBS6XVpdiRpuqzRoqOYEnhzXOwwqnJ/EkJwa0RH@wFZUZrQC9bbxnIz+9kmlQKoTwtzzd9GVZeb3JeU9fcd/1BJdRLRiqqXw1EW0+QOV@7NCP1NqVMUsornypW1Y0JPcNfcvx/+oQXIIsS3EjOn+ye3ZASSRNi6+4zXNX2l53@8revjpAVnww0FS/zDeFGD9c9n6aYxvLxqXaBgNO3eOb2EAQAuNwncOvXZ9hBY8rz@A9jTuDVM1inhzROPguwt+j2moZedLm8DRgQxHjIkVvIOsq/50ApOVlGBCHjGJsay@tj3+p42yHrbmuCKvE6cCc0m2fhpw@-----END#CERTIFICATE-----@",
- "cert": "-----BEGIN#CERTIFICATE-----@MIIDWjCCAkKgAwIBAgIJAOclientCertDemoMA0GCSqGSIb3DQEBCwUAMDcxCzAJ@BgNVBAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgQ2xpZW50@Q0EwHhcNMjYwMjA2MTAzMTEwWhcNMzYwMjA0MTAzMTEwWjA6MQswCQYDVQQGEwJD@TjEOMAwGA1UECgwFaUt1YWkxGzAZBgNVBAMMEm9wZW52cG4tY2xpZW50LWNlcnQw@ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCclientCertDemoData@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@AgMBAAGjUDBOMB0GA1UdDgQWBBRclientCertDemo1111111111111111111111@MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAzzzzyyyyxxxxwwww@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@-----END#CERTIFICATE-----@",
- "key": "-----BEGIN#RSA#PRIVATE#KEY-----@MIIEowIBAAKCAQEAsclientPrivateKeyDemoData1111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@3333333333333333333333333333333333333333333333333333333333333333@AoIBAFclientPrivateKeyDemoPayload444444444444444444444444444444444@5555555555555555555555555555555555555555555555555555555555555555@6666666666666666666666666666666666666666666666666666666666666666@-----END#RSA#PRIVATE#KEY-----@",
- "redirect_gateway": "",
- "accept_push_route": "0",
- "route": "192.168.1.0/24",
- "comp_lzo": "1",
- "tun_mtu": 1400,
- "tunnel_ip": "10.8.0.2",
- "check_link_mode": 1,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": "0",
- "timing_rst_week": "",
- "timing_rst_time": "",
- "extra_config": ""
}
]
}
}完全更新现有的OpenVPN客户端配置。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
| id required | integer <int64> >= 1 Example: 1 OpenVPN客户端ID |
完整的OpenVPN客户端配置数据
| id required | integer <int64> >= 1 客户端ID |
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| name required | string [ 5 .. 15 ] characters ^ovpn[0-9A-Za-z_]{1,11}$ 客户端连接名称,必须以ovpn开头,仅支持英文、数字、下划线,5-15字符,不可重复 |
| comment required | string <= 64 characters 备注信息,最多64个字符 |
| remote_addr required | string OpenVPN服务器地址,支持IPv4、IPv6或域名 |
| remote_port required | integer [ 1 .. 65535 ] OpenVPN服务器端口 |
| method required | integer Enum: 0 1 2 认证方式,0=账号认证,1=tls-auth,2=tls-crypt |
| username required | string <= 60 characters 用户名,method=0时必填 |
| password required | string <= 64 characters 密码,method=0时必填 |
| interface required | string 绑定的网络接口,auto表示自动选择,或指定WAN接口名称 |
| proto required | string Enum: "udp" "tcp" 传输协议 |
| dev_type required | string Enum: "tun" "tap" 设备类型 |
| cipher required | string Enum: "BF-CBC" "BF-CFB" "BF-OFB" "DES-CFB" "DES-CBC" "RC2-CBC" "RC2-CFB" "RC2-OFB" "DES-EDE-CBC" "DES-EDE3-CBC" "DES-OFB" "DES-EDE-CFB" "DES-EDE3-CFB" "DES-EDE-OFB" "DES-EDE3-OFB" "DESX-CBC" "RC2-40-CBC" "CAST5-CBC" "CAST5-CFB" "CAST5-OFB" "RC2-64-CBC" "AES-128-CBC" "AES-128-OFB" "AES-128-CFB" "AES-192-CBC" "AES-192-OFB" "AES-192-CFB" "AES-256-CBC" "AES-256-OFB" "AES-256-CFB" "AES-128-CFB1" "AES-192-CFB1" "AES-256-CFB1" "AES-128-CFB8" "AES-192-CFB8" "AES-256-CFB8" "AES-256-GCM" "DES-CFB1" "DES-CFB8" "DES-EDE3-CFB1" "DES-EDE3-CFB8" "SEED-CBC" "SEED-OFB" "SEED-CFB" "none" 加密算法 |
| tls_auth required | string 静态密钥,method=1或method=2时必填 |
| ca required | string CA证书,使用转义后的单行 PEM 字符串传递:
|
| cert required | string 客户端证书,method=1 或 method=2 时必填,使用转义后的单行 PEM 字符串传递:
|
| key required | string 客户端私钥,method=1 或 method=2 时必填,使用转义后的单行 PEM 字符串传递:
|
| accept_push_route required | string Enum: "0" "1" 是否接受路由推送,0为拒绝,1为接受 |
| route required | string 自定义路由,多条逗号分隔,格式为IP/掩码 |
| comp_lzo required | string Enum: "0" "1" LZO压缩,0为关闭,1为开启 |
| tun_mtu required | integer [ 1000 .. 1500 ] 隧道MTU |
| check_link_mode required | integer Enum: 1 2 3 4 5 6 线路检测模式 |
| check_link_host required | string 线路检测地址,支持IPv4或域名 |
| timing_rst_switch required | string Enum: "" "0" "1" 定时重拨开关,空或0为关闭,1为开启 |
| timing_rst_week required | string 定时重拨星期,timing_rst_switch=1时必填,1-7代表周一到周日 |
| timing_rst_time required | string 定时重拨时间,timing_rst_switch=1时必填,HH:MM格式 |
| extra_config required | string 附加配置参数 |
{- "id": 1,
- "enabled": "yes",
- "name": "ovpn_office",
- "comment": "主办公室OpenVPN连接",
- "remote_addr": "vpn.ikuai.cn",
- "remote_port": 1194,
- "method": 0,
- "username": "vpnuser",
- "password": "vpnpassword",
- "interface": "wan1",
- "proto": "udp",
- "dev_type": "tun",
- "cipher": "AES-256-CBC",
- "tls_auth": "",
- "ca": "-----BEGIN#CERTIFICATE-----@MIIDQTCCAimgAwIBAgIJAMqVcmi6/37xMA0GCSqGSIb3DQEBCwUAMDcxCzAJBgNV@BAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgRGV2aWNlIENB@MB4XDTI2MDIwNjEwMzExMFoXDTM2MDIwNDEwMzExMFowNzELMAkGA1UEBhMCQ04x@DjAMBgNVBAoMBWlLdWFpMRgwFgYDVQQDDA9pS3VhaSBEZXZpY2UgQ0EwggEiMA0G@CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeCJGD4jX3PY5IdOYRv0gxfYPYikOc@hQkF5XAWQZgFxnuelDEkzl7RCOFVqsnwY/npOzI7VSsyLACPNkOdvyEvO+QGfRli@3zx0EfwRHGhLQbt/TDT0D9IZCab2oswdYjORtXcIe5dT3j2i8M2vv6wnJ7ip8GKu@ahfgJzakBZIRcQyEopTCmNbC5VAdCb/gQ0ezPnogPG6pbxxgE8OJIGH0+IgMFFTv@0wKVOCyHJgZNAZNnzP3yi5SCJvBnfU4wadXDAztGtq5El5l2lBP7s3KH65u0M/46@wo5NHyxZhn+M8S86EE4RkAeHI+1FqJASjW9ivNTRphFZMyW/Q4qbdEtrAgMBAAGj@UDBOMB0GA1UdDgQWBBRYp/q+2podeA2lc3khLBN+RGf+5TAfBgNVHSMEGDAWgBRY@p/q+2podeA2lc3khLBN+RGf+5TAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA@A4IBAQCHj5mxVYnaQcvMpjpWdXBS6XVpdiRpuqzRoqOYEnhzXOwwqnJ/EkJwa0RH@wFZUZrQC9bbxnIz+9kmlQKoTwtzzd9GVZeb3JeU9fcd/1BJdRLRiqqXw1EW0+QOV@7NCP1NqVMUsornypW1Y0JPcNfcvx/+oQXIIsS3EjOn+ye3ZASSRNi6+4zXNX2l53@8revjpAVnww0FS/zDeFGD9c9n6aYxvLxqXaBgNO3eOb2EAQAuNwncOvXZ9hBY8rz@A9jTuDVM1inhzROPguwt+j2moZedLm8DRgQxHjIkVvIOsq/50ApOVlGBCHjGJsay@tj3+p42yHrbmuCKvE6cCc0m2fhpw@-----END#CERTIFICATE-----@",
- "cert": "-----BEGIN#CERTIFICATE-----@MIIDWjCCAkKgAwIBAgIJAOclientCertDemoMA0GCSqGSIb3DQEBCwUAMDcxCzAJ@BgNVBAYTAkNOMQ4wDAYDVQQKDAVpS3VhaTEYMBYGA1UEAwwPaUt1YWkgQ2xpZW50@Q0EwHhcNMjYwMjA2MTAzMTEwWhcNMzYwMjA0MTAzMTEwWjA6MQswCQYDVQQGEwJD@TjEOMAwGA1UECgwFaUt1YWkxGzAZBgNVBAMMEm9wZW52cG4tY2xpZW50LWNlcnQw@ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCclientCertDemoData@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@AgMBAAGjUDBOMB0GA1UdDgQWBBRclientCertDemo1111111111111111111111@MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAzzzzyyyyxxxxwwww@1111111111111111111111111111111111111111111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@-----END#CERTIFICATE-----@",
- "key": "-----BEGIN#RSA#PRIVATE#KEY-----@MIIEowIBAAKCAQEAsclientPrivateKeyDemoData1111111111111111111111111@2222222222222222222222222222222222222222222222222222222222222222@3333333333333333333333333333333333333333333333333333333333333333@AoIBAFclientPrivateKeyDemoPayload444444444444444444444444444444444@5555555555555555555555555555555555555555555555555555555555555555@6666666666666666666666666666666666666666666666666666666666666666@-----END#RSA#PRIVATE#KEY-----@",
- "accept_push_route": "0",
- "route": "",
- "comp_lzo": "1",
- "tun_mtu": 1400,
- "check_link_mode": 1,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": "0",
- "timing_rst_week": "",
- "timing_rst_time": "",
- "extra_config": ""
}{- "code": 0,
- "message": "success"
}部分更新现有的OpenVPN客户端配置。 主要用于启用/停用客户端状态。
| id required | integer <int64> >= 1 Example: 1 OpenVPN客户端ID |
部分更新数据(如启用状态)
| enabled required | string Enum: "yes" "no" 客户端启用状态 |
{- "enabled": "yes"
}{- "code": 0,
- "message": "success"
}获取所有PPTP客户端配置列表。 支持分页、排序、模糊匹配和过滤功能。
| page | integer >= 1 Default: 1 Example: page=1 页码(从1开始) |
| limit | integer >= 1 Default: 20 Example: limit=20 每页记录数 |
| order | string Default: "asc" Enum: "asc" "desc" Example: order=asc 排序方向,asc为升序(默认),desc为降序 |
| order_by | string Default: "id" Example: order_by=id 排序字段,支持id、name、server、interface等字段 |
| key | string Enum: "name" "comment" "server" "interface" "username" Example: key=name 模糊匹配字段名称,与 pattern 参数联合使用 |
| pattern | string Example: pattern=test 模糊匹配内容,与 key 参数联合使用 |
| filter | string Example: filter=enabled==yes 过滤条件,支持精确匹配和多条件组合。 支持的操作符:==、!=、>、>=、<、<= 多条件连接语法:
使用示例:
|
{- "message": "Success",
- "results": {
- "total": 25,
- "data": [
- {
- "id": 1,
- "enabled": "yes",
- "name": "pptp_office",
- "comment": "主办公室PPTP连接",
- "server": "vpn.ikuai.cn",
- "server_port": 1723,
- "username": "vpnuser",
- "passwd": "vpnpassword123",
- "interface": "wan1",
- "download": 0,
- "mtu": 1400,
- "mru": 1400,
- "check_link_mode": 2,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": 0,
- "timing_rst_week": "1234567",
- "timing_rst_time": "12:00",
- "cycle_rst_time": 0,
- "mppe": "",
- "updatetime": "",
- "dns1": "",
- "dns2": "",
- "ip_addr": "",
- "gateway": ""
}
]
}
}添加新的PPTP VPN客户端配置。 支持定时重拨功能。
PPTP客户端配置数据
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| name required | string <= 64 characters ^pptp 拨号名称,必须以pptp开头,唯一 |
| comment | string 备注信息,最多64个字符,不支持特殊字符 |
| server required | string [ 1 .. 128 ] characters PPTP服务器地址 |
| server_port required | integer [ 1 .. 65535 ] Default: 1723 PPTP服务器端口,不传则默认1723 |
| username required | string [ 1 .. 128 ] characters 用户名 |
| passwd required | string [ 1 .. 64 ] characters 密码 |
| interface required | string 绑定的网络接口,auto为自动选择,或指定WAN接口名 |
| mtu required | integer [ 1000 .. 1492 ] MTU值 |
| mru required | integer [ 1000 .. 1492 ] MRU值 |
| check_link_mode required | integer Default: 2 Enum: 0 1 2 3 4 5 6 线路检测模式:0关闭,1 HTTP+网关,2 PING+网关,3 HTTP+PING+网关,4 HTTP,5 PING,6 HTTP+PING |
| check_link_host required | string Default: "www.baidu.com" 线路检测地址 |
| timing_rst_switch required | integer Default: 0 Enum: 0 1 定时重拨开关,0为关闭,1为开启 |
| timing_rst_week required | string^[1-7]+$ Default: "1234567" 定时重拨星期设置(1-7代表周一到周日),timing_rst_switch=1时必填 |
| timing_rst_time required | string^([0-1]?[0-9]|2[0-3]):[0-5][0-9]$ Default: "12:00" 定时重拨时间(HH:MM格式),timing_rst_switch=1时必填 |
| cycle_rst_time required | integer [ 0 .. 500000 ] Default: 0 周期重连时间(分钟),0表示无限 |
{- "enabled": "yes",
- "name": "pptp_office",
- "comment": "主办公室PPTP连接",
- "server": "vpn.ikuai.cn",
- "server_port": 1723,
- "username": "vpnuser",
- "passwd": "vpnpassword123",
- "interface": "wan1",
- "mtu": 1400,
- "mru": 1400,
- "check_link_mode": 2,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": 0,
- "timing_rst_week": "1234567",
- "timing_rst_time": "12:00",
- "cycle_rst_time": 0
}{- "code": 0,
- "message": "Success"
}根据ID获取单个PPTP客户端的详细配置信息。 需要提供有效的客户端ID。
| id required | integer <int64> >= 1 Example: 1 PPTP客户端ID |
{- "message": "Success",
- "results": {
- "total": 1,
- "data": [
- {
- "id": 1,
- "enabled": "yes",
- "name": "pptp_office",
- "comment": "主办公室PPTP连接",
- "server": "vpn.ikuai.cn",
- "server_port": 1723,
- "username": "vpnuser",
- "passwd": "vpnpassword123",
- "interface": "wan1",
- "download": 0,
- "mtu": 1400,
- "mru": 1400,
- "check_link_mode": 2,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": 0,
- "timing_rst_week": "1234567",
- "timing_rst_time": "12:00",
- "cycle_rst_time": 0,
- "mppe": "",
- "updatetime": "",
- "dns1": "",
- "dns2": "",
- "ip_addr": "",
- "gateway": ""
}
]
}
}完全更新现有的PPTP客户端配置。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
| id required | integer <int64> >= 1 Example: 1 PPTP客户端ID |
完整的PPTP客户端配置数据
| id required | integer <int64> >= 1 客户端ID |
| enabled required | string Enum: "yes" "no" 客户端启用状态,yes为启用,no为停用 |
| name required | string [ 5 .. 15 ] characters ^pptp[0-9A-Za-z_]{1,11}$ 拨号名称,必须以pptp开头,唯一 |
| comment required | string 备注信息,最多64个字符,不支持特殊字符 |
| server required | string [ 1 .. 128 ] characters PPTP服务器地址 |
| server_port required | integer [ 1 .. 65535 ] Default: 1723 PPTP服务器端口 |
| username required | string [ 1 .. 128 ] characters 用户名 |
| passwd required | string [ 1 .. 64 ] characters 密码 |
| interface required | string 绑定的网络接口,auto为自动选择,或指定WAN接口名 |
| mtu required | integer [ 1000 .. 1492 ] MTU值 |
| mru required | integer [ 1000 .. 1492 ] MRU值 |
| check_link_mode required | integer Default: 1 Enum: 1 2 3 4 5 6 线路检测模式:1 HTTP+网关,2 PING+网关,3 HTTP+PING+网关,4 HTTP,5 PING,6 HTTP+PING |
| check_link_host required | string Default: "www.baidu.com" 线路检测地址 |
| timing_rst_switch required | integer Default: 0 Enum: 0 1 定时重拨开关,0为关闭,1为开启 |
| timing_rst_week required | string^[1-7]+$ Default: "1234567" 定时重拨星期设置(1-7代表周一到周日),timing_rst_switch=1时必填 |
| timing_rst_time required | string^([0-1]?[0-9]|2[0-3]):[0-5][0-9]$ Default: "12:00" 定时重拨时间(HH:MM格式),timing_rst_switch=1时必填 |
| cycle_rst_time required | integer [ 0 .. 500000 ] Default: 0 周期重连时间(分钟),0表示无限 |
{- "id": 1,
- "enabled": "yes",
- "name": "pptp_office",
- "comment": "主办公室PPTP连接",
- "server": "vpn.ikuai.cn",
- "server_port": 1723,
- "username": "vpnuser",
- "passwd": "vpnpassword123",
- "interface": "wan1",
- "mtu": 1400,
- "mru": 1400,
- "check_link_mode": 1,
- "check_link_host": "www.baidu.com",
- "timing_rst_switch": 0,
- "timing_rst_week": "1234567",
- "timing_rst_time": "12:00",
- "cycle_rst_time": 0
}{- "code": 0,
- "message": "Success"
}部分更新现有的PPTP客户端配置。 主要用于启用/停用客户端状态。
| id required | integer <int64> >= 1 Example: 1 PPTP客户端ID |
部分更新数据(如启用状态)
| enabled required | string Enum: "yes" "no" 客户端启用状态 |
{- "enabled": "yes"
}{- "code": 0,
- "message": "Success"
}获取所有WireGuard接口配置列表。 支持分页、排序、模糊匹配和过滤功能。
| page | integer >= 1 Default: 1 Example: page=1 页码(从1开始) |
| limit | integer >= 1 Default: 20 Example: limit=20 每页记录数 |
| order | string Default: "asc" Enum: "asc" "desc" Example: order=asc 排序方向,asc为升序(默认),desc为降序 |
| order_by | string Default: "id" Example: order_by=id 排序字段,支持id、name、interface、local_address等字段 |
| key | string Enum: "name" "interface" "local_address" "local_publickey" "local_listenport" Example: key=name 模糊匹配字段名称,支持name、interface、local_address等字段 |
| pattern | string Example: pattern=test 模糊匹配内容 |
| filter | string Example: filter=enabled==yes 过滤条件,支持精确匹配和多条件组合。 支持的操作符:==、!=、>、>=、<、<= 多条件连接语法:
使用示例:
|
{- "message": "Success",
- "results": {
- "iface_total": 3,
- "iface_data": [
- {
- "id": 1,
- "enabled": "yes",
- "name": "wg0",
- "interface": "wan1",
- "local_privatekey": "yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=",
- "local_publickey": "HIgo9xNzJMWLKASShiTqIybxZ0U3wGLiUeJ1PKf8ykw=",
- "local_address": "10.0.0.1/24",
- "local_listenport": 5000,
- "mtu": 1420
}
]
}
}添加新的WireGuard接口配置。 设置本地私钥、地址和监听端口等参数。
WireGuard接口配置数据
| enabled required | string Enum: "yes" "no" 接口启用状态,yes为启用,no为停用 |
| name required | string [ 2 .. 15 ] characters ^wg WG接口名 |
| interface required | string Default: "auto" Enum: "auto" "wan1" "wan2" "lan1" "lan2" 绑定的网络接口 |
| local_privatekey required | string = 44 characters ^[A-Za-z0-9+/]+={0,2}$ 本地私钥(Base64编码,44字符) |
| local_publickey required | string = 44 characters ^[A-Za-z0-9+/]+={0,2}$ 本地公钥(Base64编码,44字符) |
| local_address required | string^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3... 本地地址 |
| local_listenport required | integer [ 1 .. 65535 ] Default: 5000 本地监听端口 |
| mtu required | integer [ 1000 .. 1500 ] Default: 1420 MTU值 |
{- "enabled": "yes",
- "name": "wg0",
- "interface": "auto",
- "local_privatekey": "privatekey123",
- "local_publickey": "publickey123",
- "local_address": "10.0.0.1/24",
- "local_listenport": 5000,
- "mtu": 1420
}{- "code": 0,
- "message": "Success"
}根据ID获取单个WireGuard接口的详细配置信息。 需要提供有效的接口ID。
| wg_id required | integer <int64> >= 1 Example: 1 WireGuard接口ID |
{- "message": "Success",
- "results": {
- "total": 1,
- "data": [
- {
- "id": 1,
- "enabled": "yes",
- "comment": "分支机构隧道连接",
- "interface": "wan1",
- "peer_publickey": "HIgo9xNzJMWLKASShiTqIybxZ0U3wGLiUeJ1PKf8ykw=",
- "presharedkey": "",
- "allowips": "192.168.2.0/24",
- "endpoint": "remote.example.com",
- "endpoint_port": 5001,
- "keepalive": 10,
- "upload": "1024000",
- "download": "2048000"
}
], - "iface_total": 1,
- "iface_data": [
- {
- "id": 1,
- "enabled": "yes",
- "name": "wg0",
- "interface": "wan1",
- "local_privatekey": "yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=",
- "local_publickey": "HIgo9xNzJMWLKASShiTqIybxZ0U3wGLiUeJ1PKf8ykw=",
- "local_address": "10.0.0.1/24",
- "local_listenport": 5000,
- "mtu": 1420
}
], - "interface": [
- { }
], - "wg_iface": [
- "string"
]
}
}完全更新现有的WireGuard接口配置。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
| wg_id required | integer <int64> >= 1 Example: 1 WireGuard接口ID |
完整的WireGuard接口配置数据
| enabled required | string Enum: "yes" "no" 接口启用状态,yes为启用,no为停用 |
| name required | string [ 2 .. 15 ] characters ^wg WG接口名 |
| interface required | string Default: "auto" Enum: "auto" "wan1" "wan2" "lan1" "lan2" 绑定的网络接口 |
| local_privatekey required | string = 44 characters ^[A-Za-z0-9+/]+={0,2}$ 本地私钥(Base64编码,44字符) |
| local_publickey required | string = 44 characters ^[A-Za-z0-9+/]+={0,2}$ 本地公钥(Base64编码,44字符) |
| local_address required | string^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3... 本地地址 |
| local_listenport required | integer [ 1 .. 65535 ] Default: 5000 本地监听端口 |
| mtu required | integer [ 1000 .. 1500 ] Default: 1420 MTU值 |
{- "enabled": "yes",
- "name": "wg0",
- "interface": "wan1",
- "local_privatekey": "yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=",
- "local_publickey": "HIgo9xNzJMWLKASShiTqIybxZ0U3wGLiUeJ1PKf8ykw=",
- "local_address": "10.0.0.1/24",
- "local_listenport": 5000,
- "mtu": 1420
}{- "code": 0,
- "message": "Success"
}部分更新现有的WireGuard接口配置。 主要用于启用/停用接口状态。
| wg_id required | integer <int64> >= 1 Example: 1 WireGuard接口ID |
部分更新数据(如启用状态)
| enabled required | string Enum: "yes" "no" 接口启用状态 |
{- "enabled": "yes"
}{- "code": 0,
- "message": "Success"
}获取所有WireGuard隧道配置列表。 支持分页、排序、模糊匹配和过滤功能。
| wg_id required | integer <int64> >= 1 Example: 1 WireGuard接口ID |
| page | integer >= 1 Default: 1 Example: page=1 页码(从1开始) |
| limit | integer >= 1 Default: 20 Example: limit=20 每页记录数 |
| order | string Default: "asc" Enum: "asc" "desc" Example: order=asc 排序方向,asc为升序(默认),desc为降序 |
| order_by | string Default: "id" Example: order_by=id 排序字段,支持id、name、interface、local_address等字段 |
| key | string Enum: "comment" "interface" "peer_publickey" "allowips" "endpoint" Example: key=comment 模糊匹配字段名称,支持comment、interface、peer_publickey等字段 |
| pattern | string Example: pattern=test 模糊匹配内容 |
| filter | string Example: filter=enabled==yes 过滤条件,支持精确匹配和多条件组合。 支持的操作符:==、!=、>、>=、<、<= 多条件连接语法:
使用示例:
|
{- "message": "Success",
- "results": {
- "total": 25,
- "data": [
- {
- "id": 1,
- "enabled": "yes",
- "comment": "分支机构隧道连接",
- "interface": "wan1",
- "peer_publickey": "HIgo9xNzJMWLKASShiTqIybxZ0U3wGLiUeJ1PKf8ykw=",
- "presharedkey": "",
- "allowips": "192.168.2.0/24",
- "endpoint": "remote.example.com",
- "endpoint_port": 5001,
- "keepalive": 10,
- "upload": "1024000",
- "download": "2048000"
}
]
}
}添加新的WireGuard隧道配置。 设置对端公钥、允许访问IP和端点等参数。
| wg_id required | integer <int64> >= 1 Example: 1 WireGuard接口ID |
WireGuard隧道配置数据
| enabled required | string Enum: "yes" "no" 隧道启用状态,yes为启用,no为停用 |
| comment required | string <= 64 characters 备注信息,最多64个字符,不支持特殊字符 |
| interface required | string [ 1 .. 20 ] characters ^[a-zA-Z0-9_-]+$ 绑定的网络接口 |
| peer_publickey required | string = 44 characters ^[A-Za-z0-9+/]+={0,2}$ 对端公钥(Base64编码,44字符) |
| presharedkey | string <= 44 characters 预共享密钥(Base64编码,44字符,可选为空) |
| allowips required | string^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3... 允许访问的IP地址范围 |
| endpoint | string <hostname> 对端节点IP地址 |
| endpoint_port | integer [ 1 .. 65535 ] 对端端口(可选,为空或合法端口号) |
| keepalive required | integer [ 0 .. 500 ] 保活间隔(秒),范围 0-500,0 表示禁用 |
{- "enabled": "yes",
- "comment": "分支机构隧道连接",
- "interface": "wan1",
- "peer_publickey": "peerpublickey123",
- "presharedkey": "sharedsecret123",
- "allowips": "192.168.2.0/24",
- "endpoint": "remote.example.com",
- "endpoint_port": 5001,
- "keepalive": 10
}{- "code": 0,
- "message": "Success"
}根据ID获取单个WireGuard隧道的详细配置信息。 需要提供有效的隧道ID。
| wg_id required | integer <int64> >= 1 Example: 1 WireGuard接口ID |
| peer_id required | integer <int64> >= 1 Example: 1 WireGuard隧道ID |
{- "message": "Success",
- "results": {
- "total": 1,
- "data": [
- {
- "id": 1,
- "enabled": "yes",
- "comment": "分支机构隧道连接",
- "interface": "wan1",
- "peer_publickey": "HIgo9xNzJMWLKASShiTqIybxZ0U3wGLiUeJ1PKf8ykw=",
- "presharedkey": "",
- "allowips": "192.168.2.0/24",
- "endpoint": "remote.example.com",
- "endpoint_port": 5001,
- "keepalive": 10,
- "upload": "1024000",
- "download": "2048000"
}
]
}
}完全更新现有的WireGuard隧道配置。
注意: 本接口为全量修改,请求时需传入所有字段。无需修改的字段请保持原值或传空值,未传入的字段可能被重置。
| wg_id required | integer <int64> >= 1 Example: 1 WireGuard接口ID |
| peer_id required | integer <int64> >= 1 Example: 1 WireGuard隧道ID |
完整的WireGuard隧道配置数据
| enabled required | string Enum: "yes" "no" 隧道启用状态,yes为启用,no为停用 |
| comment required | string <= 64 characters 备注信息,最多64个字符,不支持特殊字符 |
| interface required | string [ 1 .. 20 ] characters ^[a-zA-Z0-9_-]+$ 绑定的网络接口 |
| peer_publickey required | string = 44 characters ^[A-Za-z0-9+/]+={0,2}$ 对端公钥(Base64编码,44字符) |
| presharedkey | string <= 44 characters 预共享密钥(Base64编码,44字符,可选为空) |
| allowips required | string^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3... 允许访问的IP地址范围 |
| endpoint | string <hostname> 对端节点IP地址 |
| endpoint_port | integer [ 1 .. 65535 ] 对端端口(可选,为空或合法端口号) |
| keepalive required | integer [ 0 .. 500 ] 保活间隔(秒),范围 0-500,0 表示禁用 |
{- "enabled": "yes",
- "comment": "分支机构隧道连接",
- "interface": "wan1",
- "peer_publickey": "HIgo9xNzJMWLKASShiTqIybxZ0U3wGLiUeJ1PKf8ykw=",
- "presharedkey": "",
- "allowips": "192.168.2.0/24",
- "endpoint": "remote.example.com",
- "endpoint_port": 5001,
- "keepalive": 10
}{- "code": 0,
- "message": "Success"
}部分更新现有的WireGuard隧道配置。 主要用于启用/停用隧道状态。
| wg_id required | integer <int64> >= 1 Example: 1 WireGuard接口ID |
| peer_id required | integer <int64> >= 1 Example: 1 WireGuard隧道ID |
部分更新数据(如启用状态)
| enabled required | string Enum: "yes" "no" 隧道启用状态 |
{- "enabled": "yes"
}{- "code": 0,
- "message": "Success"
}删除指定的WireGuard隧道配置。 删除后无法恢复,请谨慎操作。
| wg_id required | integer <int64> >= 1 Example: 1 WireGuard接口ID |
| peer_id required | integer <int64> >= 1 Example: 1 WireGuard隧道ID |
{- "code": 0,
- "message": "Success"
}