cloudflash-strongswan

cloudflash snort module implements snort configuration on unix systems

List of strongswan APIs

Verb    URI                                  Description
POST    /strongswan                          Create strongswan configuration
GET     /strongswan/:id                      List summary of strongswan configuration by ID
GET     /strongswan                          List summary of strongswan configuration
PUT     /strongswan/:id                      Modify strongswan configuration
DELETE  /strongswan/:id                      Delete a strongswan configuration by ID
POST    /strongswan/:id/secrets              Create strongswan secrets configuration
GET     /strongswan/:id/secrets              List summary of strongswan secrets configuration
PUT     /strongswan/:id/secrets/:id          Modify strongswan secrets configuration
DELETE  /strongswan/:id/secrets/:secretsid   Delete a strongswan secrets configuration by ID
POST    /strongswan/:sid/rules               Create strongswan rules configuration
GET     /strongswan/:sid/rules               List summary of strongswan rules configuration
GET     /strongswan/:sid/rules/:id           List summary of strongswan rules configuration by ID
PUT     /strongswan/:sid/rules/:id           Modify strongswan rules configuration by ID
DELETE  /strongswan/:sid/rules/:rule         Delete a strongswan rules configuration by ID
POST    /strongswan/:id/ipsec                Create strongswan ipsec configuration. In the ipsec request JSON, set the "include" property to the created rules ID, e.g. "conn-.conf"
GET     /strongswan/:id/ipsec                List summary of strongswan ipsec configuration
GET     /strongswan/:id/ipsec/:ipsecid       List summary of strongswan ipsec configuration by ID
PUT     /strongswan/:id/ipsec/:ipsecid       Modify strongswan ipsec configuration by ID
DELETE  /strongswan/:id/ipsec/:ipsecid       Delete a strongswan configuration by ID
POST    /strongswan/certs                    Write ipsec certs.

Verb    URI            Description
POST    /strongswan    Create strongswan configuration.

On success it returns JSON data with the UUID for the strongswan configuration.

Example Request and Response

Request

{
    "charon": {
        "threads": 16,
        "cisco_unity": "yes",
        "plugins": {
            "sql": {
                "loglevel": "-1"
            }
        }
    },
    "libstrongswan": {}
}

Response

{
   "charon":
   {
       "threads": 16,
       "cisco_unity": "yes",
       "plugins":
       {
           "sql":
           {
               "loglevel": "-1"
           }
       }
   },
   "libstrongswan":
   {
   },
   "id": "1ac32e0e-c5b4-482f-b568-8da47d6d94ad"
}

Verb    URI                Description
GET     /strongswan/:id    List summary of strongswan configuration by ID.

Example Request and Response

Response

{
   "charon":
   {
       "threads": 16,
       "cisco_unity": "yes",
       "plugins":
       {
           "sql":
           {
               "loglevel": "-1"
           }
       }
   },
   "libstrongswan":
   {
   },
   "id": "1ac32e0e-c5b4-482f-b568-8da47d6d94ad"
}

Verb    URI            Description
GET     /strongswan    List summary of strongswan configuration.

Example Request and Response

Response

{
   "strongswan":
   [
       {
           "charon":
           {
               "threads": 16,
               "cisco_unity": "yes",
               "plugins":
               {
                   "sql":
                   {
                       "loglevel": "-1test"
                   }
               }
           },
           "libstrongswan":
           {
           },
           "id": "a7857e81-157e-47e7-a837-dbae9f3e6a10"
       }
   ],
   "ipsec":
   [
       {
           "version": "2.0",
           "config setup":
           {
               "uniqueids": "yes",
               "charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
           },
           "include":
           [
               "/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
           ],
           "id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
       }
   ],
   "secrets":
   [
       {
           "keypath": "RSA /etc/identity/snap.key",
           "clearpathnet": "XAUTH  \"password\"",
           "id": "23c8bed0-29c7-42a1-aa04-85115e8e7686"
       }
   ],
   "rules":
   [
   ]
}

Verb    URI                Description
PUT     /strongswan/:id    Modify strongswan configuration.

On success it returns JSON data with the UUID for the strongswan configuration.

Example Request and Response

Request

{
    "charon": {
        "threads": 16,
        "cisco_unity": "yes",
        "plugins": {
            "sql": {
                "loglevel": "-1"
            }
        }
    },
    "libstrongswan": {}
}

Response

{
   "charon":
   {
       "threads": 16,
       "cisco_unity": "yes",
       "plugins":
       {
           "sql":
           {
               "loglevel": "-1"
           }
       }
   },
   "libstrongswan":
   {
   },
   "id": "1ac32e0e-c5b4-482f-b568-8da47d6d94ad"
}

Verb    URI                Description
DELETE  /strongswan/:id    Delete a strongswan configuration by ID.

Example Request and Response

DELETE /strongswan/67ec9204-23f7-4edd-bcd2-be8d497124f8

Status Code : 204

Verb    URI                        Description
POST    /strongswan/:id/secrets    Create strongswan secrets configuration.

On success it returns JSON data with the UUID for the strongswan secrets configuration.

Example Request and Response

Request

{
   "keypath": "RSA /etc/identity/snap.key",
   "clearpathnet": "XAUTH \"password\""
}

Response

{
   "keypath": "RSA /etc/identity/snap.key",
   "clearpathnet": "XAUTH \"password\"",
   "id": "23c8bed0-29c7-42a1-aa04-85115e8e7686"
}

Verb    URI                        Description
GET     /strongswan/:id/secrets    List summary of strongswan secrets configuration.

Example Request and Response

Response

[
   {
       "keypath": "RSA /etc/identity/snap.key",
       "clearpathnet": "XAUTH \"password\"",
       "id": "23c8bed0-29c7-42a1-aa04-85115e8e7686"
   }
]

Verb    URI                            Description
PUT     /strongswan/:id/secrets/:id    Modify strongswan secrets configuration.

On success it returns JSON data with the UUID for the strongswan secrets configuration.

Example Request and Response

Request

{
   "keypath": "RSA /etc/identity/snap.key",
   "clearpathnet": "XAUTH \"password\""
}

Response

{
   "keypath": "RSA /etc/identity/snap.key",
   "clearpathnet": "XAUTH \"password\"",
   "id": "23c8bed0-29c7-42a1-aa04-85115e8e7686"
}

Verb    URI                                   Description
DELETE  /strongswan/:id/secrets/:secretsid    Delete a strongswan secrets configuration.

Example Request and Response

DELETE /strongswan/67ec9204-23f7-4edd-bcd2-be8d497124f8/secrets

Status Code : 204

Verb    URI                       Description
POST    /strongswan/:sid/rules    Create strongswan rules configuration.

On success it returns JSON data with the UUID for the strongswan rules configuration.

Example Request and Response

Request

{
    "left": "%defaultroute",
    "leftsubnet": "0.0.0.0/0",
    "leftfirewall": "yes",
    "leftcert": "/etc/identity/snap.cert",
    "right": "%any",
    "rightsubnet": "169.254.253.0/24",
    "rightsourceip": "169.254.253.2/24",
    "auto": "add",
    "xauth": "server",
    "authby": "xauthrsasig",
    "keyexchange": "ikev1",
    "dpdaction": "clear",
    "dpddelay": 30,
    "dpdtimeout": 300,
    "fragmentation": "yes",
    "rightdns": [
        "8.8.8.8",
        "4.2.2.2"
    ]
}

Response

{
   "left": "%defaultroute",
   "leftsubnet": "0.0.0.0/0",
   "leftfirewall": "yes",
   "leftcert": "/etc/identity/snap.cert",
   "right": "%any",
   "rightsubnet": "169.254.253.0/24",
   "rightsourceip": "169.254.253.2/24",
   "auto": "add",
   "xauth": "server",
   "authby": "xauthrsasig",
   "keyexchange": "ikev1",
   "dpdaction": "clear",
   "dpddelay": 30,
   "dpdtimeout": 300,
   "fragmentation": "yes",
   "rightdns":
   [
       "8.8.8.8",
       "4.2.2.2"
   ],
   "id": "fdadafef-5254-4f98-a036-946366595187"
}

Verb    URI                       Description
GET     /strongswan/:sid/rules    List summary of strongswan rules configuration.

Example Request and Response

Response

[
   {
       "left": "%defaultroute",
       "leftsubnet": "0.0.0.0/0",
       "leftfirewall": "yes",
       "leftcert": "/etc/identity/snap.cert",
       "right": "%any",
       "rightsubnet": "169.254.253.0/24",
       "rightsourceip": "169.254.253.2/24",
       "auto": "add",
       "xauth": "server",
       "authby": "xauthrsasig",
       "keyexchange": "ikev1",
       "dpdaction": "clear",
       "dpddelay": 30,
       "dpdtimeout": 300,
       "fragmentation": "yes",
       "rightdns":
       [
           "8.8.8.8",
           "4.2.2.2"
       ],
       "id": "fdadafef-5254-4f98-a036-946366595187"
   }
]

Verb    URI                           Description
GET     /strongswan/:sid/rules/:id    List summary of strongswan rules configuration by ID.

Example Request and Response

Response

{
   "left": "%defaultroute",
   "leftsubnet": "0.0.0.0/0",
   "leftfirewall": "yes",
   "leftcert": "/etc/identity/snap.cert",
   "right": "%any",
   "rightsubnet": "169.254.253.0/24",
   "rightsourceip": "169.254.253.2/24",
   "auto": "add",
   "xauth": "server",
   "authby": "xauthrsasig",
   "keyexchange": "ikev1",
   "dpdaction": "clear",
   "dpddelay": 30,
   "dpdtimeout": 300,
   "fragmentation": "yes",
   "rightdns":
   [
       "8.8.8.8",
       "4.2.2.2"
   ],
   "id": "fdadafef-5254-4f98-a036-946366595187"
}

Verb    URI                           Description
PUT     /strongswan/:sid/rules/:id    Modify strongswan rules configuration.

On success it returns JSON data with the UUID for the strongswan rules configuration.

Example Request and Response

Request

{
    "left": "%defaultroute",
    "leftsubnet": "0.0.0.0/0",
    "leftfirewall": "yes",
    "leftcert": "/etc/identity/snap.cert",
    "right": "%any",
    "rightsubnet": "169.254.253.0/24",
    "rightsourceip": "169.254.253.2/24",
    "auto": "add",
    "xauth": "server",
    "authby": "xauthrsasig",
    "keyexchange": "ikev1",
    "dpdaction": "clear",
    "dpddelay": 30,
    "dpdtimeout": 300,
    "fragmentation": "yes",
    "rightdns": [
        "8.8.8.8",
        "4.2.2.2"
    ]
}

Response

{
   "left": "%defaultroute",
   "leftsubnet": "0.0.0.0/0",
   "leftfirewall": "yes",
   "leftcert": "/etc/identity/snap.cert",
   "right": "%any",
   "rightsubnet": "169.254.253.0/24",
   "rightsourceip": "169.254.253.2/24",
   "auto": "add",
   "xauth": "server",
   "authby": "xauthrsasig",
   "keyexchange": "ikev1",
   "dpdaction": "clear",
   "dpddelay": 30,
   "dpdtimeout": 300,
   "fragmentation": "yes",
   "rightdns":
   [
       "8.8.8.8",
       "4.2.2.2"
   ],
   "id": "fdadafef-5254-4f98-a036-946366595187"
}

Verb    URI                             Description
DELETE  /strongswan/:sid/rules/:rule    Delete a strongswan rules configuration.

Example Request and Response

DELETE /strongswan/67ec9204-23f7-4edd-bcd2-be8d497124f8/rules/28163f1e-00a6-44b0-9106-b48e5c94cd2e

Status Code : 204

Verb    URI                      Description
POST    /strongswan/:id/ipsec    Create strongswan ipsec configuration.

On success it returns JSON data with the UUID for the strongswan ipsec configuration.

In the "include" value, give the file name of the created rules configuration (like conn-UUID).

Example Request and Response

Request

{
    "version": "2.0",
    "config setup": {
        "uniqueids": "yes",
        "charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
    },
    "include": ["/config/ipsec/conn-<rules-file-name>.conf"]
}

Response

{
   "version": "2.0",
   "config setup":
   {
       "uniqueids": "yes",
       "charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
   },
   "include":
   [
       "/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
   ],
   "id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
}
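
The link between a created rules configuration and the ipsec "include" list, as an added example (not code from cloudflash-strongswan): it builds the request body from rules responses and checks that every include path is a UUID-named file under /config/ipsec/. The helper names are hypothetical, and the conn- prefix is a parameter because the request example above uses it while the response examples on this page do not.

```javascript
// Added example: derive the ipsec "include" entries from created rules IDs.
// CONFIG_DIR and the "conn-" prefix come from the request example on this page;
// the response examples show the path without the prefix, so it is a parameter.
const CONFIG_DIR = '/config/ipsec/';
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;

// Accept only UUID-shaped IDs so the resulting path cannot contain "/" or "..".
function includePathForRule(ruleId, prefix = 'conn-') {
  if (typeof ruleId !== 'string' || !UUID_RE.test(ruleId)) {
    throw new Error(`rules id is not a UUID: ${JSON.stringify(ruleId)}`);
  }
  return `${CONFIG_DIR}${prefix}${ruleId}.conf`;
}

// Build the POST /strongswan/:id/ipsec body from POST .../rules responses.
function buildIpsecBody(ruleResponses, prefix = 'conn-') {
  return {
    version: '2.0',
    'config setup': { uniqueids: 'yes', charondebug: 'ike 2, knl 3, cfg 1, net 2, enc 2' },
    include: ruleResponses.map((rule) => includePathForRule(rule.id, prefix)),
  };
}

// Check an existing ipsec object (for example a GET response): return every
// include that is not a UUID-named .conf file directly under CONFIG_DIR.
function strayIncludes(ipsec) {
  return (ipsec.include || []).filter((p) => {
    if (typeof p !== 'string' || !p.startsWith(CONFIG_DIR) || !p.endsWith('.conf')) return true;
    const name = p.slice(CONFIG_DIR.length, -5).replace(/^conn-/, '');
    return !UUID_RE.test(name);
  });
}

// Rules ID taken from the example responses on this page.
const created = [{ id: 'fdadafef-5254-4f98-a036-946366595187' }];
console.log(JSON.stringify(buildIpsecBody(created), null, 2));
```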

Verb    URI                               Description
GET     /strongswan/:id/ipsec/:ipsecid    List summary of strongswan ipsec configuration by ID.

Example Request and Response

Response

{
   "version": "2.0",
   "config setup":
   {
       "uniqueids": "yes",
       "charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
   },
   "include":
   [
       "/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
   ],
   "id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
}

Verb    URI                      Description
GET     /strongswan/:id/ipsec    List summary of strongswan ipsec configuration.

Example Request and Response

Response

[
   {
       "version": "2.0",
       "config setup":
       {
           "uniqueids": "yes",
           "charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
       },
       "include":
       [
           "/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
       ],
       "id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
   }
]

Verb    URI                               Description
PUT     /strongswan/:id/ipsec/:ipsecid    Modify strongswan ipsec configuration.

On success it returns JSON data with the UUID for the strongswan ipsec configuration.

In the "include" value, give the file name of the created rules configuration (like conn-UUID).

Example Request and Response

Request

{
    "version": "2.0",
    "config setup": {
        "uniqueids": "yes",
        "charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
    },
    "include": ["/config/ipsec/conn-<rules-file-name>.conf"]
}

Response

{
   "version": "2.0",
   "config setup":
   {
       "uniqueids": "yes",
       "charondebug": "ike 2, knl 3, cfg 1, net 2, enc 2"
   },
   "include":
   [
       "/config/ipsec/fdadafef-5254-4f98-a036-946366595187.conf"
   ],
   "id": "bc6631fc-a59e-456f-aea1-941f05bf9892"
}

Verb    URI                               Description
DELETE  /strongswan/:id/ipsec/:ipsecid    Delete a strongswan ipsec configuration by ID.

Example Request and Response

DELETE /strongswan/67ec9204-23f7-4edd-bcd2-be8d497124f8/ipsec/2e92bf64-a17c-4f6a-9483-b52ec80a4533

Status Code : 204

Verb    URI                  Description
POST    /strongswan/certs    To write ipsec certs.

On success it returns JSON data with the UUID for the strongswan rules configuration.

The values of the privateKey and certificate keys, and of each entry in the cacerts objects, must be base64 encoded.

Example Request and Response

Request

{
    "privateKey": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw==",
    "certificate": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw==",
    "cacerts": [
        {
            "aa": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw=="
        },
        {
            "Telekom Root Signer": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw=="
        },
        {
            "Telekom Mobility Signer": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw=="
        },
        {
            "Telekom CA": "c29tZSB0ZXN0IHRvIHdyaXRlIGludG8gZmlsZSBmb3IgdGVzdGluZw=="
        }
    ]
}

Response

{
   "result": true
}
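
An added example (not part of cloudflash-strongswan) that builds the POST /strongswan/certs request body from PEM text and checks its shape before it is sent. The function names and the PEM placeholders are constructed for illustration, and Node.js is assumed.

```javascript
// Added example: build and check a POST /strongswan/certs body.
// The PEM strings below are constructed placeholders, not real key material.

// Node's base64 decoder silently skips invalid characters, so a strict check
// has to match the alphabet and confirm the value re-encodes to itself.
function isStrictBase64(value) {
  if (typeof value !== 'string' || value.length === 0 || value.length % 4 !== 0) return false;
  if (!/^[A-Za-z0-9+/]+={0,2}$/.test(value)) return false;
  return Buffer.from(value, 'base64').toString('base64') === value;
}

const b64 = (text) => Buffer.from(text, 'utf8').toString('base64');

// cacerts is an array of single-key objects: [{ "<CA name>": "<base64>" }, ...]
function buildCertsBody(privateKeyPem, certificatePem, caPemByName) {
  return {
    privateKey: b64(privateKeyPem),
    certificate: b64(certificatePem),
    cacerts: Object.entries(caPemByName).map(([name, pem]) => ({ [name]: b64(pem) })),
  };
}

// Returns a list of problems; an empty list means the body has the documented shape.
function validateCertsBody(body) {
  const problems = [];
  for (const key of ['privateKey', 'certificate']) {
    if (!isStrictBase64(body[key])) problems.push(`${key}: not base64`);
  }
  if (!Array.isArray(body.cacerts)) return problems.concat('cacerts: not an array');
  body.cacerts.forEach((entry, i) => {
    const keys = entry && typeof entry === 'object' ? Object.keys(entry) : [];
    if (keys.length !== 1) problems.push(`cacerts[${i}]: expected one name/value pair`);
    else if (!isStrictBase64(entry[keys[0]])) problems.push(`cacerts[${i}] (${keys[0]}): not base64`);
  });
  return problems;
}

const sampleBody = buildCertsBody(
  '-----BEGIN PRIVATE KEY-----\n(constructed)\n-----END PRIVATE KEY-----\n',
  '-----BEGIN CERTIFICATE-----\n(constructed)\n-----END CERTIFICATE-----\n',
  { 'Example Root CA': '-----BEGIN CERTIFICATE-----\n(constructed root)\n-----END CERTIFICATE-----\n' }
);
console.log(JSON.stringify(sampleBody, null, 2), validateCertsBody(sampleBody));
```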