cloudflash-strongswan
List of strongswan APIs
| Verb | URI | Description |
|---|---|---|
| POST | /strongswan | Create strongswan configuration |
| GET | /strongswan/:id | List summary of strongswan configuration by ID |
| GET | /strongswan | List summary of strongswan configuration |
| PUT | /strongswan/:id | Modify strongswan configuration |
| DELETE | /strongswan/:id | Delete a strongswan configuration by ID |
| POST | /strongswan/:id/secrets | Create strongswan secrets configuration |
| GET | /strongswan/:id/secrets | List summary of strongswan secrets configuration |
| PUT | /strongswan/:id/secrets/:id | Modify strongswan secrets configuration |
| DELETE | /strongswan/:id/secrets/:secretsid | Delete a strongswan secrets configuration by ID |
| POST | /strongswan/:sid/rules | Create strongswan rules configuration |
| GET | /strongswan/:sid/rules | List summary of strongswan rules configuration |
| GET | /strongswan/:sid/rules/:id | List summary of strongswan rules configuration by ID |
| PUT | /strongswan/:sid/rules/:id | Modify strongswan rules configuration by ID |
| DELETE | /strongswan/:sid/rules/:rule | Delete a strongswan rules configuration by ID |
| POST | /strongswan/:id/ipsec | Create strongswan ipsec configuration. In ipsec request JSON provide "include" property value as created rules ID. EG: "conn-.conf" |
| GET | /strongswan/:id/ipsec | List summary of strongswan ipsec configuration |
| GET | /strongswan/:id/ipsec/:ipsecid | List summary of strongswan ipsec configuration by ID |
| PUT | /strongswan/:id/ipsec/:ipsecid | Modify strongswan ipsec configuration by ID |
| DELETE | /strongswan/:id/ipsec/:ipsecid | Delete a strongswan configuration by ID |
| POST | /strongswan/certs | To write ipsec certs. |
Create strongswan configuration
Verb URI Description
POST /strongswan Create strongswan configuration.
On success it returns JSON data with the UUID for the strongswan configuration.
Example Request and Response
Request JSON
{
"charon": {
"threads": 16,
"cisco_unity": "yes",
"plugins": {
"sql": {
"loglevel": "-1"
}
}
},
"libstrongswan": {}
}
Response JSON
{
"charon":
{
"threads": 16,
"cisco_unity": "yes",
"plugins":
{
"sql":
{
"loglevel": "-1"
}
}
},
"libstrongswan":
{
},
"id": "1ac32e0e-c5b4-482f-b568-8da47d6d94ad"
}
List strongswan configuration by ID
Verb URI Description
GET /strongswan/:id List summary of strongswan configuration by ID.
Example Request and Response
Response
{
"charon":
{
"threads": 16,
"cisco_unity": "yes",
"plugins":
{
"sql":
{
"loglevel": "-1"
}
}
},
"libstrongswan":
{
},
"id": "1ac32e0e-c5b4-482f-b568-8da47d6d94ad"
}
List strongswan configuration
Verb URI Description
GET /strongswan List summary of strongswan configuration.
Example Request and Response
Response
{
"strongswan":
[
{
"charon":
{
"threads": 16,
"cisco_unity": "yes",
"plugins":
{
"sql":
{
"loglevel": "-1test"
}
}
},
"libstrongswan":
{
},
"id": "a7857e81-157e-47e7-a837-dbae9f3e6a10"
}
],
"ipsec":
[
{
"version": "2.0",
"config setup":
{
"uniqueids": "yes",
"charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
},
"include":
[
"/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
],
"id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
}
],
"secrets":
[
{
"keypath": "RSA /etc/identity/snap.key",
"clearpathnet": "XAUTH \"password\"",
"id": "23c8bed0-29c7-42a1-aa04-85115e8e7686"
}
],
"rules":
[
]
}
Modify strongswan configuration
Verb URI Description
PUT /strongswan/:id Modify strongswan configuration.
On success it returns JSON data with the UUID for the strongswan configuration.
Example Request and Response
Request JSON
{
"charon": {
"threads": 16,
"cisco_unity": "yes",
"plugins": {
"sql": {
"loglevel": "-1"
}
}
},
"libstrongswan": {}
}
Response JSON
{
"charon":
{
"threads": 16,
"cisco_unity": "yes",
"plugins":
{
"sql":
{
"loglevel": "-1"
}
}
},
"libstrongswan":
{
},
"id": "1ac32e0e-c5b4-482f-b568-8da47d6d94ad"
}
Delete strongswan configuration
Verb URI Description
DELETE /strongswan/:id Delete a strongswan configuration by ID.
Example Request and Response
Request Headers
DELETE /strongswan/67ec9204-23f7-4edd-bcd2-be8d497124f8
Response Header
Status Code : 204
Create strongswan secrets configuration
Verb URI Description
POST /strongswan/:id/secrets Create strongswan secrets configuration.
On success it returns JSON data with the UUID for the strongswan secrets configuration.
Example Request and Response
Request JSON
{
"keypath": "RSA /etc/identity/snap.key",
"clearpathnet": "XAUTH \"password\""
}
Response JSON
{
"keypath": "RSA /etc/identity/snap.key",
"clearpathnet": "XAUTH \"password\"",
"id": "23c8bed0-29c7-42a1-aa04-85115e8e7686"
}
List strongswan secrets configuration
Verb URI Description
GET /strongswan/:id/secrets List summary of strongswan secrets configuration.
Example Request and Response
Response
[
{
"keypath": "RSA /etc/identity/snap.key",
"clearpathnet": "XAUTH \"password\"",
"id": "23c8bed0-29c7-42a1-aa04-85115e8e7686"
}
]
Modify strongswan secrets configuration
Verb URI Description
PUT /strongswan/:id/secrets/:id Modify strongswan secrets configuration.
On success it returns JSON data with the UUID for the strongswan secrets configuration.
Example Request and Response
Request JSON
{
"keypath": "RSA /etc/identity/snap.key",
"clearpathnet": "XAUTH \"password\""
}
Response JSON
{
"keypath": "RSA /etc/identity/snap.key",
"clearpathnet": "XAUTH \"password\"",
"id": "23c8bed0-29c7-42a1-aa04-85115e8e7686"
}
Delete strongswan secrets configuration
Verb URI Description
DELETE /strongswan/:id/secrets/:secretsid Delete a strongswan secrets configuration.
Example Request and Response
Request Headers
DELETE /strongswan/67ec9204-23f7-4edd-bcd2-be8d497124f8/secrets
Response Header
Status Code : 204
Create strongswan rules configuration
Verb URI Description
POST /strongswan/:sid/rules Create strongswan rules configuration.
On success it returns JSON data with the UUID for the strongswan rules configuration.
Example Request and Response
Request JSON
{
"left": "%defaultroute",
"leftsubnet": "0.0.0.0/0",
"leftfirewall": "yes",
"leftcert": "/etc/identity/snap.cert",
"right": "%any",
"rightsubnet": "169.254.253.0/24",
"rightsourceip": "169.254.253.2/24",
"auto": "add",
"xauth": "server",
"authby": "xauthrsasig",
"keyexchange": "ikev1",
"dpdaction": "clear",
"dpddelay": 30,
"dpdtimeout": 300,
"fragmentation": "yes",
"rightdns": [
"8.8.8.8",
"4.2.2.2"
]
}
Response JSON
{
"left": "%defaultroute",
"leftsubnet": "0.0.0.0/0",
"leftfirewall": "yes",
"leftcert": "/etc/identity/snap.cert",
"right": "%any",
"rightsubnet": "169.254.253.0/24",
"rightsourceip": "169.254.253.2/24",
"auto": "add",
"xauth": "server",
"authby": "xauthrsasig",
"keyexchange": "ikev1",
"dpdaction": "clear",
"dpddelay": 30,
"dpdtimeout": 300,
"fragmentation": "yes",
"rightdns":
[
"8.8.8.8",
"4.2.2.2"
],
"id": "fdadafef-5254-4f98-a036-946366595187"
}
List strongswan rules configuration
Verb URI Description
GET /strongswan/:sid/rules List summary of strongswan rules configuration.
Example Request and Response
Response
[
{
"left": "%defaultroute",
"leftsubnet": "0.0.0.0/0",
"leftfirewall": "yes",
"leftcert": "/etc/identity/snap.cert",
"right": "%any",
"rightsubnet": "169.254.253.0/24",
"rightsourceip": "169.254.253.2/24",
"auto": "add",
"xauth": "server",
"authby": "xauthrsasig",
"keyexchange": "ikev1",
"dpdaction": "clear",
"dpddelay": 30,
"dpdtimeout": 300,
"fragmentation": "yes",
"rightdns":
[
"8.8.8.8",
"4.2.2.2"
],
"id": "fdadafef-5254-4f98-a036-946366595187"
}
]
List strongswan rules configuratioin by ID
Verb URI Description
GET /strongswan/:sid/rules/:id List summary of strongswan rules configuration by ID.
Example Request and Response
Response
{
"left": "%defaultroute",
"leftsubnet": "0.0.0.0/0",
"leftfirewall": "yes",
"leftcert": "/etc/identity/snap.cert",
"right": "%any",
"rightsubnet": "169.254.253.0/24",
"rightsourceip": "169.254.253.2/24",
"auto": "add",
"xauth": "server",
"authby": "xauthrsasig",
"keyexchange": "ikev1",
"dpdaction": "clear",
"dpddelay": 30,
"dpdtimeout": 300,
"fragmentation": "yes",
"rightdns":
[
"8.8.8.8",
"4.2.2.2"
],
"id": "fdadafef-5254-4f98-a036-946366595187"
}
Modify strongswan rules configuration
Verb URI Description
PUT /strongswan/:sid/rules/:id Modify strongswan rules configuration.
On success it returns JSON data with the UUID for the strongswan rules configuration.
Example Request and Response
Request JSON
{
"left": "%defaultroute",
"leftsubnet": "0.0.0.0/0",
"leftfirewall": "yes",
"leftcert": "/etc/identity/snap.cert",
"right": "%any",
"rightsubnet": "169.254.253.0/24",
"rightsourceip": "169.254.253.2/24",
"auto": "add",
"xauth": "server",
"authby": "xauthrsasig",
"keyexchange": "ikev1",
"dpdaction": "clear",
"dpddelay": 30,
"dpdtimeout": 300,
"fragmentation": "yes",
"rightdns": [
"8.8.8.8",
"4.2.2.2"
]
}
Response JSON
{
"left": "%defaultroute",
"leftsubnet": "0.0.0.0/0",
"leftfirewall": "yes",
"leftcert": "/etc/identity/snap.cert",
"right": "%any",
"rightsubnet": "169.254.253.0/24",
"rightsourceip": "169.254.253.2/24",
"auto": "add",
"xauth": "server",
"authby": "xauthrsasig",
"keyexchange": "ikev1",
"dpdaction": "clear",
"dpddelay": 30,
"dpdtimeout": 300,
"fragmentation": "yes",
"rightdns":
[
"8.8.8.8",
"4.2.2.2"
],
"id": "fdadafef-5254-4f98-a036-946366595187"
}
Delete strongswan rules configuration
Verb URI Description
DELETE /strongswan/:sid/rules/:rule Delete a strongswan rules configuration.
Example Request and Response
Request Headers
DELETE /strongswan/67ec9204-23f7-4edd-bcd2-be8d497124f8/rules/28163f1e-00a6-44b0-9106-b48e5c94cd2e
Response Header
Status Code : 204
Create strongswan ipsec configuration
Verb URI Description
POST /strongswan/:id/ipsec Create strongswan ipsec configuration.
On success it returns JSON data with the UUID for the strongswan ipsec configuration.
In "include" value give the created rules configuration file name.
Example Request and Response
Request JSON
{
"version" : "2.0",
"config setup" : {
"uniqueids": "yes",
"charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
},
"include": ["/config/ipsec/conn-<rules-file-name>.conf"] # like conn-UUID
}
Response JSON
{
"version": "2.0",
"config setup":
{
"uniqueids": "yes",
"charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
},
"include":
[
"/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
],
"id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
}
List strongswan ipsec configuration by ID
Verb URI Description
GET /strongswan/:id/ipsec/:ipsecid List summary of strongswan ipsec configuration by ID.
Example Request and Response
Response
{
"version": "2.0",
"config setup":
{
"uniqueids": "yes",
"charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
},
"include":
[
"/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
],
"id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
}
List strongswan ipsec configuration
Verb URI Description
GET /strongswan/:id/ipsec List summary of strongswan ipsec configuration.
Example Request and Response
Response
[
{
"version": "2.0",
"config setup":
{
"uniqueids": "yes",
"charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
},
"include":
[
"/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
],
"id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
}
]
Modify strongswan ipsec configuration
Verb URI Description
PUT /strongswan/:id/ipsec/:ipsecid Modify strongswan ipsec configuration.
On success it returns JSON data with the UUID for the strongswan ipsec configuration.
In "include" value give the created rules configuration file name.
Example Request and Response
Request JSON
{
"version" : "2.0",
"config setup" : {
"uniqueids": "yes",
"charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
},
"include": ["/config/ipsec/conn-<rules-file-name>.conf"] # like conn-UUID
}
Response JSON
{
"version": "2.0",
"config setup":
{
"uniqueids": "yes",
"charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
},
"include":
[
"/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
],
"id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
}
Delete strongswan ipsec configuration
Verb URI Description
DELETE /strongswan/:id/ipsec/:ipsecid Delete a strongswan ipsec configuration by ID.
Example Request and Response
Request Headers
DELETE /strongswan/67ec9204-23f7-4edd-bcd2-be8d497124f8/ipsec/2e92bf64-a17c-4f6a-9483-b52ec80a4533
Response Header
Status Code : 204
Modify strongswan rules configuration
Verb URI Description
POST /strongswan/certs To write ipsec certs.
On success it returns JSON data with the UUID for the strongswan rules configuration.
values to key privateKey, certificate, cacerts object should be base64 encoded value.
Example Request and Response
Request JSON
{
"privateKey": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw==",
"certificate": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw==",
"cacerts": [
{
"aa": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw=="
},
{
"Telekom Root Signer": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw=="
},
{
"Telekom Mobility Signer": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw=="
},
{
"Telekom CA": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw=="
}
]
}
Response JSON
{
"result": true
}