# # Config Descriptions # =================== # # This file provides a list of all possible configuration parameters for software release 4.1.0. # An entity index is denoted as 'x', a subindex as 'y'. # # (C) 2017 NetModule AG, Switzerland # # config parameter type notation/unit/values comment #Version/Product Info config.version string . set by configd, used for config conversion config.product string NB set by configd, specifies product config.info string config description, used to identify config #System system.time date-time --
volatile parameter to set system time system.login_show_msgs_infos integer 0 = disabled, 1 = enabled shows error massages on the login screen system.prompt # networking network.hostname hostname hostname of the system network.timezone string timezone (e.g. UTC+1 or GMT+1, see /usr/share/zoneinfo/) network.tcp.timestamps integer 0 = disabled, 1 = enabled enable/disable TCP timestamps network.icmp.forward integer 0 = disable, 1 = enable network.mss.status integer 0 = disabled, 1 = enabled enable/disable MSS adjustment network.mss.adjustment integer 100..1500 bytes maximum segment size # certificates cert.deployment string default : local default deployment type cert.settings.organization string a-z,A-Z,0-9,-,_,. certificate organization (0) cert.settings.department string a-z,A-Z,0-9,-,_,. certificate department (OU) cert.settings.location string a-z,A-Z,0-9,-,_,. certificate location (L) cert.settings.state string certificate state (ST) cert.settings.country string a-z,A-Z,0-9,-,_,. certificate country (C) cert.settings.common string checkPasswd certificate common name (CN) cert.settings.email email checkEmail certificate e-mail cert.settings.expiry integer 30..10950 days certificate expiry period cert.settings.phrase password passwd certificate passphrase cert.settings.keysize integer bit certificate key size cert.settings.dhsize integer bit certificate DH primes cert.settings.sigalg enum md5,sha1,sha256,sha512 certificate signature algorithm cert.settings.cipher enum aes256,aes192,aes128,des,des3,seed certificate cipher algorithm cert.scep.status integer 0 = disabled, 1 = enabled enables/disables SCEP cert.scep.url url http:/// SCEP CA URL cert.scep.fingerprint string SCEP CA fingerprint cert.scep.fpalg enum md5,sha1,sha256 SCEP fingerprint algorithm cert.scep.caident string SCEP CA identifier cert.scep.timeout integer 30..3600 seconds SCEP request timeout cert.scep.interval integer 10..120 seconds SCEP poll interval cert.scep.idtype enum IP,DNS,EMAIL SCEP identifier type cert.scep.phrase password SCEP password cert.ignore integer 0 = disabled, 1 = enabled #ACME acme.0.status integer 0 = disable, 1 = enable acme.0.domain acme.0.testmode integer 0 = disabled, 1 = enabled # modems modem.x.status integer 0 = disabled, 1 = enabled modem administrative status modem.x.trace.status integer 0 = disabled, 1 = enabled modem.x.trace.adress address modem.x.trace.targed address modem.x.trace.netmask netmask modem.x.trace.filesize modem.x.trace.nr_files modem.x.config.antennas modem.x.config.idle_lte_attach integer modem.x.config.silent_reset integer modem.x.trace.urc.status integer modem.x.query_interval.signal modem.x.query_interval.operator modem.x.config.silent_reset integer 0 = disabled, 1 = enabled send AT+CFUN=15 or not. (CME ERROR) # SIM cards sim.x.pincode integer 1..16 digits SIM PIN code sim.x.pukcode integer 1..32 digits SIM PUK code sim.x.lai integer 5..7 digits SIM LAI to specify carrier sim.x.bands string comma-separated list of bands SIM bands to specify bands (e.g. gsm-b8, lte-b1) sim.x.card integer x SIM default modem index sim.x.pref enum automatic,2G-only,2G-first,2G3G-only, SIM preferred service 3G-only,3G-first,4G-only,4G-first, 3G/4G(UMTS/LTE) only sim.x.regmode integer 0 = circuit-switched, SIM registration mode 1 = packet-switched, 2 = all networks # Soft SIMs ssim.x.id numeric string 15 digits Soft-SIM identifier ssim.x.key hex regex A-F,a-f,0-9 Soft-SIM key ssim.x.op hex regex A-F,a-f,0-9 Soft-SIM op # WWAN Interfaces wwan.x.status integer 0 = disabled, 1 = enabled WWAN interface administrative status wwan.x.card integer WWAN interface modem index wwan.x.sim integer WWAN interface SIM index wwan.x.pdp integer 0 < pdp < maxpdp WWAN interface PDP index (maxpdp -> /tmp/status/wwanmd/cardx) wwan.x.pref enum automatic, WWAN interface preferred service 2G-only, 2G-first, 2G3G-only, 3G-only, 3G-first, 4G-only, 4G-first wwan.x.autoconn integer (0 = disabled, 1 = enabled) wwan.x.number phone-number allowed : 0-9,+,#,* WWAN interface phone number (e.g. *99***1#) wwan.x.username string ApnUsername WWAN interface apnusername wwan.x.password password ApnPassword WWAN interface apnpassword wwan.x.apn string allowed a-z,A-Z,0-9,-,_ WWAN interface APN wwan.x.auth integer 0 = none, 1 = PAP, WWAN interface authentication 2 = CHAP, 3 = PAP+CHAP wwan.x.hdrcomp integer 0 = disabled, 1 = enabled WWAN interface header compression wwan.x.softcomp integer 0 = disabled, 1 = enabled WWAN interface data compression wwan.x.address address standard Ip WWAN interface client address wwan.x.isdn integer 0 = disabled, 1 = enabled WWAN interface ISDN call wwan.x.negdns integer 0 = disabled, 1 = enabled WWAN interface negotiate DNS wwan.x.minrssi integer -120..-50 dBm WWAN interface min. required RSSI value wwan.x.minqual integer 0..100 percent WWAN interface min. required quality level wwan.x.maxfail integer WWAN interface max. PPP connection attempts wwan.x.homeonly integer 0 = roaming, 1 = home network only WWAN interface roaming wwan.x.maxattempts wwan.x.mtu integer WWAN interface max. transmission unit wwan.x.protocoll_mode adresstype ipv4,ipv6,dual # USB usb.status integer 0 = disabled, 1 = enabled USB administrative status usb.hotplug integer 0 = disabled, 1 = enabled USB hotplug administrative status usb.x.enabled integer 0 = disabled, 1 = enabled USB port administrative status autorun.status integer 0 = disabled, 1 = enabled USB Autorun administrative status autorun.authdev integer 0 = disabled, 1 = enabled USB Autorun allow only enabled devices autorun.password password usb.devices.x.dev string : USB device identification usb.devices.x.module enum usb-storage,pl2303,ch341,ftdi, USB device driver module pegasus,asix,rndis,ax88179_178a,r8152 usb.devices.x.busid string USB bus identifier (e.g. 1-1.2) # Bridges network.br.x.mode integer 0 = disabled, 1 = enabled, Bridge administrative status 2 = enabled with local Interface network.br.x.mtu integer Bridge max. transmission unit network.br.x.address address Bridge network address network.br.x.netmask address Bridge network netmask network.br.x.gateway address Bridge network gateway network.br.x.proxyarp integer 0 = disabled, 1 = enabled Bridge Proxy-ARP status network.br.x.mac network.br.x.stp network.br.x.rstp # Ethernet network.link.x.mode integer 0 = auto-negotiated, Ethernet link mode 1 = 10baseT/Half, 2 = 10baseT/Full, 3 = 100baseT/Half, 4 = 100baseT/Full, 5 = 1000baseT/Half, 6 = 1000baseT/Full # Ethernet Switch Ports switch.port.x.status integer 0 = disabled, 1 = enabled Ethernet switch port administrative status switch.port.x.interface integer Ethernet switch port LAN interface index # Ethernet Ports ethernet.port.x.status integer 0 = disabled, 1 = enabled Ethernet port administrative status ethernet.port.x.interface integer Ethernet port LAN interface index # Ethernet Briding ethernet.bridge.firewall integer 0 = disabled, 1 = enabled Ethernet bridge firewall administrative status ethernet.bridge.stp integer 0 = disabled, 1 = enabled Ethernet bridge STP ethernet.bridge.rstp integer 0 = disabled, 1 = enabled Ethernet bride RSTP administrative status #Serdes Configuration ethernet.serdes integer # WLAN wlan.x.status integer 0 = disabled, 1 = enabled WLAN administrative status wlan.x.mode enum client,access-point,dualmode,managed WLAN operational mode wlan.x.diversity integer 0 = disabled, 1 = enabled WLAN antenna diversity wlan.x.regdom string WLAN regulatory domain (e.g. DE, see /etc/tld) wlan.x.antgain integer 0..10 dB WLAN antenna gain wlan.x.txpower integer 20 dBm (max. EIRP) WLAN EIRP wlan.x.settings.hwmode enum a,b,g,n,c WLAN operation type wlan.x.settings.band enum 2.4,5 WLAN band wlan.x.settings.channel integer WLAN channel (0 = auto) wlan.x.settings.scanchannels wlan.x.settings.bandwidth enum 20,40,80 WLAN bandwidth wlan.x.settings.sgi wlan.x.settings.outdoor wlan.x.settings.sticky wlan.x.settings.newbssidcalc wlan.x.settings.tracking.status wlan.x.settings.tracking.count wlan.x.ac.0.host host WLAN primary access controller wlan.x.ac.1.host host WLAN secondary access controller wlan.o.swencrypt integer # WLAN Clients wlan.x.client.y.ssid string WLAN client SSID wlan.x.client.y.secmode enum off,none,wep,wpa-psk, WLAN client security wpa-radius,wpa-eap-tls mode wpa-radius,wpa-eap-tls wlan.x.client.y.secproto enum wpa1,wpa2,wpa(1and2),wpa3,wpa(2and3) WLAN client WPA/WPA2 mixed mode/WPA3/WPA3 mixed mode wlan.x.client.y.cipher enum tkip,ccmp,all WLAN client WPA cipher wlan.x.client.y.sslciphers wlan.x.client.y.psk password WLAN client passphrase wlan.x.client.y.minrssi integer -100..-10 dBm WLAN client min. required RSSI value wlan.x.client.y.minqual integer 0..100 percent WLAN client min. required quality level wlan.x.client.y.id string WLAN client identity for EAP wlan.x.client.y.prio integer 0..10 WLAN client priority wlan.x.client.y.pmf integer 0 = disabled, 1 = enabled WLAN client PMF administrative status wlan.x.client.y.tlsv wlan.x.client.y.ft wlan.x.client.y.scan.bg.threshold wlan.x.client.y.scan.bg.longinterval wlan.x.client.y.scan.bg.shortinterval # WLAN Access Points wlan.x.vss.y.status integer 0 = disabled, 1 = enabled WLAN VSS administrative status wlan.x.vss.y.ssid string WLAN VSS SSID wlan.x.vss.y.hidden integer 0 = disabled, 1 = enabled WLAN VSS hide SSID wlan.x.vss.y.isolate integer 0 = disabled, 1 = enabled WLAN VSS isolate clients wlan.x.vss.y.advertise integer 0 = disabled, 1 = enabled WLAN VSS advertise country code 802.1d wlan.x.vss.y.inactivity integer 0..600 WLAN VSS max. station inactivity wlan.x.vss.y.secmode enum off,none,wpa-psk,wpa-radius WLAN VSS security mode wlan.x.vss.y.secproto enum wpa1,wpa2,wpa1andwpa2 WLAN VSS WPA/WPA2 mixed mode wlan.x.vss.y.cipher enum tkip,ccmp,both WLAN VSS WPA cipher wlan.x.vss.y.psk password WLAN VSS passphrase wlan.x.vss.y.acct integer 0 = none, 1 = default, 2 = cisco WLAN VSS accounting wlan.x.vss.y.pmf integer 0 = disabled, 1 = enabled WLAN VSS PMF administrative status wlan.x.vss.y.addr4 integer 0 = disabled, 1 = enabled WLAN VSS 4addr frame administrative status wlan.x.vss.y.iapp wlan.x.vss.y.preauth wlan.x.vss.y.fast.status wlan.x.vss.y.fast.mobility wlan.x.vss.y.fast.only wlan.x.vss.y.fast.key wlan.x.vss.y.bandsteering wlan.x.vss.y.owe.transition #Mesh wlan.x.mesh.y.status integer wlan.x.mesh.y.meshid wlan.x.mesh.y.secmode wlan.x.mesh.y.psk wlan.x.mesh.y.pmf integer wlan.x.mesh.y.gate integer # Bluetooth bluez.x.status integer 0 = disabled, 1 = enabled Bluetooth device administrative status # CAN can.x.status integer 0 = disabled, 1 = enabled CAN device administrative status can.x.bitrate integer 10000..1000000 CAN device bitrate can.x.termination integer #CLI-PHP cliphp.status integer # VLAN network.vlan.x.interface interface VLAN network interface (e.g. lan0) network.vlan.x.mode enum routed,bridged VLAN network mode network.vlan.x.index integer VLAN interface index network.vlan.x.id integer 0..4094 VLAN ID network.vlan.x.prio integer -1 = default, VLAN QoS priority 0 = background, 1 = best-effort, 2 = excellent-effort, 3 = critical-applications, 4 = video, 5 = voice, 6 = internetwork-control, 7 = network-control network.vlan.x.brdev interface VLAN bridge interface (e.g. lan1) # LAN Interfaces (IP) network.lan.x.mode enum lan,wan LAN interface operational mode network.lan.x.address address LAN interface address network.lan.x.netmask address LAN interface netmask network.lan.x.mtu integer LAN interface max. transmission unit network.lan.x.alias.y.address address LAN interface alias address network.lan.x.alias.y.netmask address LAN interface alias netmask network.lan.x.proxyarp integer 0 = disabled, 1 = enabled LAN interface Proxy-ARP status network.lan.mac network.lan.stp # WLAN Interfaces (IP) network.wlan.x.mode enum routed,bridged WLAN interface network mode network.wlan.x.mtu integer WLAN interface max. transmission unit network.wlan.x.address address WLAN interface address network.wlan.x.netmask address WLAN interface netmask network.wlan.x.gateway address WLAN interface gateway network.wlan.x.brdev interface WLAN interface bridge interface network.wlan.x.proxyarp integer 0 = disabled, 1 = enabled WLAN interface Proxy-ARP status # WAN Interfaces (IP) network.wan.x.interface interface WAN interface network.wan.x.mode enum dhcp,static,pppoe WAN interface operational mode network.wan.x.address address WAN interface address (static) network.wan.x.netmask address WAN interface netmask (static) network.wan.x.gateway address WAN interface gateway (static) network.wan.x.dns0 address WAN interface primary DNS server (static) network.wan.x.dns1 address WAN interface secondary DNS server (static) network.wan.x.mac adress network.wan.x.username string WAN interface username (pppoe) network.wan.x.password password WAN interface passworrd (pppoe) network.wan.x.service string WAN interface service name (pppoe) network.wan.x.ac string WAN interface access concentrator name (pppoe) network.wan.x.ipv6.mode network.wan.x.ipv6.adress network.wan.x.ipv6.prefix_length network.wan.x.mtu integer WAN interface max. transmission unit # DNS network.dns.status integer 0 = disabled, 1 = enabled DNS administrative status network.dns.domain hostname DNS domain name network.dns.server0 address DNS primary name server network.dns.server1 address DNS secondary name server # DNS Static Hosts network.dns.hosts.0.name hostname DNS static host hostname network.dns.hosts.0.address address DNS static host address # DHCP network.dhcp.x.mode integer 0 = disabled, 1 = server, 2 = relay DHCP operational mode network.dhcp.x.start address DHCP first lease address network.dhcp.x.end address DHCP last lease address network.dhcp.x.ttl integer DHCP lease duration network.dhcp.x.relay address DHCP primary relay address (relay) network.dhcp.x.relay2 address DHCP secondary relay address (relay) network.dhcp.x.perst integer 0 = disabled, 1 = enabled DHCP persistent leases network.dhcp.x.ignore integer 0 = disabled, 1 = enabled DHCP only allow static hosts network.dhcp.x.gateway address DHCP option gateway network.dhcp.x.agent string DHCP option agent identifier network.dhcp.x.dns0 address DHCP option primary DNS network.dhcp.x.dns1 address DHCP option secondary DNS network.dhcp.x.wins0 address DHCP option primary WINS network.dhcp.x.wins1 address DHCP option secondary WINS # DHCP Static Hosts network.dhcp.hosts.x.interface interface DHCP static host interface (e.g. lan0) network.dhcp.hosts.x.address address DHCP static host address network.dhcp.hosts.x.mac mac DHCP static host MAC address network.dhcp.hosts.x.port integer DHCP static host Ethernet port network.dhcp.hosts.x.name hostname DHCP static host name network.dhcp.x.options.y.key network.dhcp.x.options.y.value # NTP network.ntp.status integer 0 = disabled, 1 = enabled NTP administrative status network.ntp.server0 hostname NTP primary server network.ntp.server1 hostname NTP secondary server network.ntp.preferred integer network.ntp.ping integer 0 = disabled, 1 = enabled NTP ping check network.ntp.interval integer 64..4096 seconds NTP poll interval network.ntp.gpstime integer 0 = disabled, 1 = enabled NTP GNSS time sync network.ntp.stratum integer network.ntp.maxdistance network.ntp.access.x.address address NTP allowed hosts network network.ntp.access.x.netmask address NTP allowed hosts netmask # WAN links wanlink.0.mode integer 0 = disabled, 1 = permanent, WAN link operational mode 2 = on switchover, 3 = distributed wanlink.0.multipath integer 0 = disabled, 1 = enabled, 2 = backup WAN link Multipath-TCP mode wanlink.0.name string WAN link interface name wanlink.0.prio integer WAN link priority wanlink.0.weight integer 1..10 WAN link weight (distributed mode) wanlink.0.switchback integer 60..3600 seconds WAN link switchback interval (on switchover mode) wanlink.0.suspend integer 10..60 seconds WAN link suspend threshold wanlink.0.options enum random-address WAN link use random MAC for DHCP request wanlink.0.brdev interface WAN link bridge interface (e.g. lan0) wanlink.x.threshold.dial wanlink.0.passthru.interface interface WAN link IP-passthrough interface wanlink.0.passthru.network address WAN link IP-passthrough network wanlink.0.passthru.netmask address WAN link IP-passthrough netmask # QoS qos.status integer 0 = disabled, 1 = enabled QoS administrative status qos.interface.x.name string lan(a),wwan(b) QoS interface name qos.interface.x.cong enum fixed,auto QoS interface bandwith congestion mode qos.interface.x.type integer 0 = WAN, 1 = LAN QoS interface type qos.interface.x.uprate double 0 < upload < ... QoS interface upstream bandwidth qos.interface.x.downrate double 0 < downrate < ... QoS interface downstream bandwidth qos.interface.x.pingip.primary address standardIPv4 QoS interface primary ping address qos.interface.x.pingip.secondary address standardIPv4 QoS interface secondary ping address qos.queue.0.desc string default,high,low, nicht 0, QoS queue description regex: 0-9,A-Z,a-z,_,-,+,whitespace qos.queue.0.direction enum inbound,outbound QoS queue direction qos.queue.0.limit double at least 1/40 of BW in Mbit/s QoS queue bandwidth limit qos.queue.0.interface integer QoS queue interface index qos.queue.0.prio integer 1..10 QoS queue priority qos.queue.0.tos integer -1 = don not set, QoS queue TOS value 0 = normal-service, 2 = minimize-cost, 4 = maximize-reliability, 8 = maximize-throughput, 16 = minimize-delay qos.service.0.queue integer QoS service queue index qos.service.0.saddress address QoS service source address qos.service.0.snetmask address QoS service source netmask qos.service.0.sport port QoS service source port qos.service.0.daddress address QoS service destination address qos.service.0.dnetmask address QoS service destination netmask qos.service.0.dport port QoS service destination port qos.service.0.proto enum ANY,UDP,TCP QoS service protocol qos.service.0.tos integer -1 = unspecified, QoS service type of service 0 = normal-service, 2 = minimize-cost 4 = maximize-reliability, 8 = maximize-throughput, 16 = minimize-delay # Mobile IP mobileip.x.status integer 0 = disabled, 1 = enabled MIP administrative status mobileip.x.mode integer 0 = disabled, MIP operational mode 1 = mobile-node, 2 = home-agent # Mobile IP (mobile-node) mobileip.x.homeAgentAddress0 address MIP primary home agent address mobileip.x.homeAgentAddress1 address MIP secondary home agent network mobileip.x.homeAddress address MIP home address mobileip.x.spi string 8-digit hex string MIP SPI mobileip.x.sharedSecret password hex or ascii string MIP shared secret mobileip.x.sharedSecretEncoding enum hex,ascii MIP shared secret encoding mobileip.x.authenticationType enum prefix-suffix-md5,hmac-md5 MIP authentication type mobileip.x.lifeTime integer 30..6535 seconds MIP life time mobileip.x.mtu integer MIP interface max. transmission unit mobileip.x.udpEncapsulation integer 0 = disabled, 1 = enabled MIP UDP encapsulation mobileip.x.mobileNetworkAddress address MIP mobile network address mobileip.x.mobileNetworkMask address MIP mobile network netmask mobileip.registrationBaseTimeout integer MIP registration base timeout mobileip.registrationRetriesPerHomeAgent integer MIP registration retries per agent mobileip.connectivityLossRetryTimeout integer MIP connectivity loss retry timeout mobileip.maxTimestampDelta integer MIP max. timestamp delta mobileip.maxConsecutiveKeepaliveFailures integer MIP max. keepalive failures mobileip.minimalisticKeepalive integer MIP minimalistic keepalive # Mobile IP (home-agent) mobileip.x.homeNetworkAddress address MIP home network address mobileip.x.homeNetworkMask address MIP home network mask mobileip.x.node.y.spi integer 8-digit hex string MIP node SPI mobileip.x.node.y.sharedSecret password hex or ascii string MIP node shared secret mobileip.x.node.y.sharedSecretEncoding enum hex,ascii MIP node shared secret encoding mobileip.x.node.y.authenticationType enum prefix-suffix-md5,hmac-md5 MIP node authentication type # OpenVPN openvpn.status integer 0 = disabled, 1 = enabled OpenVPN administrative status openvpn.restartonlinkchange integer 0 = disabled, 1 = enabled OpenVPN restart on link change openvpn.mptcp.status integer 0 = disabled, 1 = enabled OpenVPN Multipath-TCP support openvpn.tunnel.x.mode integer 0 = disabled, OpenVPN tunnel operational mode 1 = client (standard), 2 = server (standard), 3 = client (expert), 4 = server (expert) openvpn.tunnel.x.peermode enum single,failover,random OpenVPN tunnel peer selection mode openvpn.tunnel.x.server host OpenVPN tunnel primary server openvpn.tunnel.x.port port OpenVPN tunnel primary server port openvpn.tunnel.x.server2 host OpenVPN tunnel secondary server openvpn.tunnel.x.port2 port OpenVPN tunnel secondary server port openvpn.tunnel.x.auth integer 0 = certificate-based, OpenVPN tunnel authentication 1 = credential-based, 2 = none, 3 = both openvpn.tunnel.x.type enum tun,tap OpenVPN tunnel interface type openvpn.tunnel.x.proto enum udp,tcp OpenVPN tunnel protocol openvpn.tunnel.x.comp integer 0 = disabled, 1 = enabled OpenVPN tunnel compression openvpn.tunnel.x.username string OpenVPN tunnel username openvpn.tunnel.x.password password OpenVPN tunnel password openvpn.tunnel.x.brdev interface OpenVPN tunnel bridge interface (e.g. lan0) openvpn.tunnel.x.cipher string = automatic, OpenVPN tunnel cipher algorithm none = none, AES-128-CBC, AES-128-CFB, AES-128-CFB1, AES-128-CFB8, AES-128-GCM, AES-128-OFB, AES-192-CBC, AES-192-CFB, AES-192-CFB1, AES-192-CFB8, AES-192-GCM, AES-192-OFB, AES-256-CBC, AES-256-CFB, AES-256-CFB1, AES-256-CFB8, AES-256-GCM, AES-256-OFB, ARIA-128-CBC, ARIA-128-CFB, ARIA-128-CFB1, ARIA-128-CFB8, ARIA-128-GCM, ARIA-128-OFB, ARIA-192-CBC, ARIA-192-CFB, ARIA-192-CFB1, ARIA-192-CFB8, ARIA-192-GCM, ARIA-192-OFB, ARIA-256-CBC, ARIA-256-CFB, ARIA-256-CFB1, ARIA-256-CFB8, ARIA-256-GCM, ARIA-256-OFB, CAMELLIA-128-CBC, CAMELLIA-128-CFB, CAMELLIA-128-CFB1, CAMELLIA-128-CFB8, CAMELLIA-128-OFB, CAMELLIA-192-CBC, CAMELLIA-192-CFB, CAMELLIA-192-CFB1, CAMELLIA-192-CFB8, CAMELLIA-192-OFB, CAMELLIA-256-CBC, CAMELLIA-256-CFB, CAMELLIA-256-CFB1, CAMELLIA-256-CFB8, CAMELLIA-256-OFB, SEED-CBC, SEED-CFB, SEED-OFB, SM4-CBC, SM4-CFB, SM4-OFB, BF-CBC, BF-CFB, BF-OFB, CAST5-CBC, CAST5-CFB, CAST5-OFB, DES-CBC, DES-CFB, DES-CFB1, DES-CFB8, DES-EDE-CBC, DES-EDE-CFB, DES-EDE-OFB, DES-EDE3-CBC, DES-EDE3-CFB, DES-EDE3-CFB1, DES-EDE3-CFB8, DES-EDE3-OFB, DES-OFB, DESX-CBC, IDEA-CBC, IDEA-CFB, IDEA-OFB, RC2-40-CBC, RC2-64-CBC, RC2-CBC, RC2-CFB, RC2-OFB openvpn.tunnel.x.digest string none, OpenVPN tunnel HMAC digest MD5, RSA-MD5, SHA1, RSA-SHA1, MDC2, RSA-MDC2, MD5-Sha1, RSA-SHA1-2, RIPEMD160, RSA-RIPEMD160, MD4, RSA-MD4, ecdsa-with-SHA1, RSA-SHA256, RSA-SHA384, RSA-SHA512, RSA-SHA224, SHA256, SHA384, SHA512, SHA224, whirlpool, BLAKE2B512, BLAKE2S256, SHA512-224, SHA512-256, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256, ID-RSASSA-PKCS1-V1_5-WITH-SHA3-244, ID-RSASSA-PKCS1-V1_5-WITH-SHA3-256, ID-RSASSA-PKCS1-V1_5-WITH-SHA3-384, ID-RSASSA-PKCS1-V1_5-WITH-SHA3-512, SM3, RSA-SM3, RSA-SHA512/224, RSA-SHA512/256 openvpn.tunnel.x.keepalive integer 0 = disabled, 1 = enabled OpenVPN tunnel keepalive status openvpn.tunnel.x.redirgw integer 0 = disabled, 1 = enabled OpenVPN tunnel redirect gateway status openvpn.tunnel.x.negdns integer 0 = disabled, 1 = enabled OpenVPN tunnel negotiate DNS status openvpn.tunnel.x.usecrl integer 0 = disabled, 1 = enabled OpenVPN tunnel use CRL to verify certificates openvpn.tunnel.x.fragment integer OpenVPN tunnel max. fragment size for UDP datagrams openvpn.tunnel.x.mtu integer OpenVPN tunnel max. transmission unit openvpn.tunnel.x.duplicates enum allow,disconnect OpenVPN tunnel duplicates handling openvpn.tunnel.x.serverpushed integer #OpenVPN routes openvpn.server.network.address address OpenVPN server transport network openvpn.server.network.netmask address OpenVPN server transport netmask openvpn.server.route.allclients integer 0 = disabled, 1 = enabled OpenVPN server routing between clients openvpn.server.route.x.network address OpenVPN server network address openvpn.server.route.x.netmask address OpenVPN server network netmask openvpn.server.client.x.status integer 0 = disabled, 1 = enabled OpenVPN client administrative status openvpn.server.client.x.desc string OpenVPN client description openvpn.server.client.x.address address OpenVPN client address openvpn.server.client.network.x.client integer OpenVPN client network client index openvpn.server.client.network.x.network address OpenVPN client network address openvpn.server.client.network.x.netmask address OpenVPN client network netmask # IPsec ipsec.status integer 0 = disabled, 1 = enabled IPsec administrative status ipsec.ike.nattraversal integer 0 = disabled, 1 = enabled IPsec propose NAT traversal ipsec.makebeforebreak integer 0 = disable, 1 = enable IPsec Reauthentication method ipsec.restartonlinkchange integer 0 = disabled, 1 = enabled IPsec restart on link change ipsec.0.status integer 0 = disabled, 1 = enabled ipsec.0.crlfetcher.enable integer 0 = disable, 1 = enable IPsec config mode ipsec.0.local.ip address IPsec tunnel local ipsec.x.remote.serverIp host IPsec tunnel remote peer address ipsec.x.mode enum tunnel,transport IPsec tunnel encapsulation mode ipsec.x.ike.auth enum psk = pre-shared key, IPsec tunnel authentication type pki = public key infrastructure, xauth = extended authentication ipsec.x.ike.psk password IPsec tunnel pre-shared key ipsec.x.ike.keyexchange enum ikev1,ikev2 IPsec tunnel key exchange ipsec.x.ike.username string regex: a-z, A-Z, 0-9, -,_,+ IPsec tunnel user name ipsec.x.ike.userpass password Passwd IPsec tunnel user password ipsec.x.ike.groupname string regex: a-z, A-Z, 0-9, -,_,+ IPsec tunnel group name ipsec.x.ike.grouppass password Passwd IPsec tunnel group password ipsec.x.ike.mode enum aggressive,identity-protection IPsec tunnel IKE negotiation mode ipsec.x.ike.encryption enum 3des, IPsec tunnel IKE encryption algorithm aes128, aes192, selected>aes256, blowfish128, blowfish192, blowfish256, aescmac, aes128ctr, aes192ctr, aes256ctr, aes128gcm12, aes192gcm12, aes256gcm12, aes128gcm16, aes192gcm16, aes256gcm16, aes128gcm64, aes192gcm64, aes256gcm64, aes128gcm96, aes192gcm96, aes256gcm96, aes128gcm128, aes192gcm128, aes256gcm128, ipsec.x.ike.hash enum md5,sha1,sha256,sha384,sha512,aesxcbc IPsec tunnel IKE authentication algorithm ipsec.x.ike.dh enum modp1024, IPsec tunnel IKE Diffie-Hellman group modp1536, modp2048, modp3072, modp4096, modp6144, modp8192, ecp256, ecp384, ecp521, modp2048s256, ecp256bp, ecp384bp, ecp512bp, ipsec.x.ike.localId string localIPtype=IP: IP format IPsec tunnel IKE local ID type localIPtype=USER_FQDN: user@fqdn format localIPtype=else : passwd format ipsec.x.ike.localIdType enum IP,FQDN,USER_FQDN IPsec tunnel IKE local ID ipsec.x.ike.remoteId string remoteIPtype=IP: IP format IPsec tunnel IKE remote ID type remoteIPtype=USER_FQDN: user@fqdn format remoteIPtype=else : passwd format ipsec.x.ike.remoteIdType enum IP,FQDN,USER_FQDN IPsec tunnel IKE remote ID ipsec.x.ike.lifetime integer 60..172800 seconds IPsec tunnel IKE lifetime ipsec.x.ike.prf enum md5,sha1,sha256,sha384,sha512, IPsec tunnel IKE pseudo-random function aesxcbc,aescmac ipsec.x.esp.encryption enum 3des, IPsec tunnel ESP encryption aes128, aes192, aes256, blowfish128, blowfish192, blowfish256, aescmac, aes128ctr, aes192ctr, aes256ctr, aes128gcm12, aes192gcm12, aes256gcm12, aes128gcm16, aes192gcm16, aes256gcm16, aes128gcm64, aes192gcm64, aes256gcm64, aes128gcm96, aes192gcm96, aes256gcm96, aes128gcm128, aes192gcm128, aes256gcm128, ipsec.x.esp.hash enum md5,sha1,sha256,sha384,sha512,aesxcbc IPsec tunnel ESP autentication algorithm ipsec.x.esp.lifetime enum 60..57600 seconds IPsec tunnel ESP lifetime ipsec.x.esp.pfs integer 0 = disabled, 1 = enabled IPsec tunnel PFS status ipsec.x.esp.pfsgroup enum = use from phase1, IPsec tunnel PFS group modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192, modp1024s160, modp2048s224, modp2048s256, ecp192, ecp224, ecp256, ecp384, ecp521, ecp224bp, ecp256bp, ecp384bp, ecp512bp ipsec.x.esp.forceencaps integer 0 = disabled, 1 = enabled IPsec tunnel force encapsulation ipsec.x.dpd.status integer 0 = disabled, 1 = enabled IPsec tunnel DPD status ipsec.x.dpd.cycle integer 1..60 seconds IPsec tunnel DPD detection cycle ipsec.x.dpd.failure integer 1..20 times IPsec tunnel DPD failure threshold ipsec.x.dpd.action enum hold,restart,clear IPsec tunnel DPD action ipsec.x.local.y.lanAddress address IPsec tunnel network local address ipsec.x.local.y.lanMask address IPsec tunnel network local netmask ipsec.x.local.y.natAddress address IPsec tunnel network local NAT address ipsec.x.remote.y.lanAddress address IPsec tunnel network remote address ipsec.x.remote.y.lanMask address IPsec tunnel network remote netmask ipsec.server.client.x.status integer 0 = disabled, 1 = enabled IPsec server client administrative status ipsec.server.client.x.desc string IPsec server client description # GRE gre.status integer 0 = disabled, 1 = enabled GRE administrative status gre.tunnel.x.mode integer 0 = disabled, 1 = enabled GRE tunnel administrative status gre.tunnel.x.type enum tun,tap GRE tunnel interface type gre.tunnel.x.peer address GRE tunnel peer address gre.tunnel.x.local.address address GRE tunnel local address gre.tunnel.x.local.netmask address GRE tunnel local netmask gre.tunnel.x.remote.network address GRE tunnel remote network address gre.tunnel.x.remote.netmask address GRE tunnel remote network netmask gre.tunnel.x.brdev interface GRE tunnel bridge interface (e.g. lan0) gre.tunnel.x.key integer range 0...2147483647 GRE tunnel key # PPTP pptp.status integer 0 = disabled, 1 = enabled PPTP administrative status pptp.server.listen address PTPP server listen address pptp.server.address address PPTP server address pptp.server.start address PPTP server first client address pptp.server.end address PPTP server last client address pptp.server.client.x.username string not allowed &,"",$,'' PPTP server client username pptp.server.client.x.password password not allowed &,"",$,'' PPTP server client password username and password must not contain apostrophes and double apostrophes (also not empty) pptp.server.client.x.address address PPTP server client address pptp.tunnel.x.mode integer 0 = disabled, 1 = client, 2 = server PPTP tunnel operational mode pptp.tunnel.x.address address PPTP tunnel server address pptp.tunnel.x.username string tunnel.x.mode=1: client username PPTP tunnel username tunnel.x.mode=2: no username pptp.tunnel.x.password password tunnel.x.mode=1: client password PPTP tunnel password tunnel.x.mode=2: no password #VLAN vxlan.x.status vxlan.x.id vxlan.x.remote vxlan.x.dport vxlan.x.local vxlan.x.brdev #L2TP l2tp.tunnel.x.status integer disabled = 0, enabled = 1 l2tp.tunnel.x.encap protocol IP, UDP Transport Protocol l2tp.tunnel.x.local.local.address address IP im Standardformat l2tp.tunnel.x.local.local.tunid integer 0...4294967295 l2tp.tunnel.x.local.local.sessionid integer 0...4294967295 l2tp.tunnel.x.local.udp_port integer 1...65535 l2tp.tunnel.x.local.cookie hex länge nicht 0,8,16 l2tp.tunnel.x.remote.address address IP im Standardformat l2tp.tunnel.x.remote.tunid integer 0...4294967295 l2tp.tunnel.x.remote.sessionid integer 0...4294967295 l2tp.tunnel.x.remote.udp_port integer 1...65535 l2tp.tunnel.x.remote.cookie hex länge nicht 0,8,16 l2tp.tunnel.x.brdev enum LANx,LANx-y l2tp.tunnel.x.mtu integer 1...9000 # Dial-In dialin.status integer 0 = disabled, 1 = enabled Dial-In administrative status dialin.device interface Dial-In modem (e.g. wwan0) dialin.address.start address Dial-In address range start dialin.address.size integer Dial-In address range size # Firewall firewall.status integer 0 = disabled, 1 = enabled Firewall administrative status firewall.group.x.desc string Firewall group description firewall.group.x.addr.y.address address Firewall group address firewall.group.x.addr.y.netmask address Firewall group netmask firewall.group.x.port.y.port port Firewall group port firewall.rule.x.mode integer 0 = disabled, 1 = deny, 2 = allow Firewall rule mode firewall.rule.x.log integer 0 = disabled, 1 = enabled Firewall rule logging firewall.rule.x.desc string Firewall rule description firewall.rule.x.interface interface Firewall rule incoming interface firewall.rule.x.source address Firewall rule source address firewall.rule.x.netmask address Firewall rule source netmask firewall.rule.x.protocol integer 0 = ANY, 1 = UDP, 2 = TCP, 3 = ICMP, Firewall rule protocol 4 = ESP, 5 = GRE, 6 = OSPF firewall.rule.x.startPort port Firewall rule first port firewall.rule.x.endPort port Firewall rule last port firewall.rule.x.tinterface interface Firewall rule outgoing interface firewall.rule.x.target address Firewall rule destination address firewall.rule.x.tnetmask address Firewall rule destination netmask firewall.rule.x.mac mac Firewall rule source MAC address # NAPT napt.x.interface interface NAPT masquerading interface napt.x.intHost address NAPT masquerading source address napt.x.intMask address NAPT masquerading source netmask napt.conntrack.udp.timeout integer napt.conntrack.udp.streamtimeout integer # NAPT Inbound Rule napt.rule.x.status integer 0 = disabled, 1 = enabled NAPT rule administrative status napt.rule.x.desc string NAPT rule description napt.rule.x.direction enum IN NAPT rule direction (inbound) napt.rule.x.extHost address NAPT rule target address napt.rule.x.extMask address NAPT rule target netmask napt.rule.x.extInterface interface NAPT rule incoming interface napt.rule.x.extPort.start port NAPT rule first port napt.rule.x.extPort.end port NAPT rule last port napt.rule.x.protocol integer 0 = ANY, 1 = UDP, 2 = TCP, NAPT rule protocol x 3 = ESP, 4 = GRE napt.rule.x.remNetwork address NAPT rule source address napt.rule.x.remNetmask address NAPT rule source netmask napt.rule.x.intHost address NAPT rule redirect address napt.rule.x.intMask address NAPT rule redirect netmask napt.rule.x.intPort port NAPT rule redirect port napt.rule.x.srcPort.start napt.rule.x.srcPort.end napt.rule.x.dstPort.start napt.rule.x.dstPort.end # NAPT Outbound Rule napt.rule.y.status integer 0 = disabled, 1 = enabled NAPT rule administrative status napt.rule.y.desc string NAPT rule description napt.rule.y.direction enum OUT NAPT rule direction (outbound) napt.rule.y.extHost address NAPT rule source address napt.rule.y.extMask address NAPT rule source netmask napt.rule.y.extInterface interface NAPT rule outgoing interface napt.rule.y.extPort.start port NAPT rule first port napt.rule.y.extPort.end port NAPT rule last port napt.rule.y.protocol integer 0 = ANY, 1 = UDP, 2 = TCP, NAPT rule protocol 3 = ESP, 4 = GRE napt.rule.y.remNetwork address NAPT rule target address napt.rule.y.remNetmask address NAPT rule target netmask napt.rule.y.intHost address NAPT rule rewrite address napt.rule.y.intMask address NAPT rule rewrite netmask napt.rule.y.intPort port NAPT rule rewrite port # DynDNS ddns.status integer 0 = disabled, 1 = enabled DynDNS administrative status ddns.service.x.provider enum dyndns.org, DynDNS service provider changeip.com, duckdns.org, no-ip.com, zoneedit.com, afraid.org, selfhost.de, easydns.com, namecheap.com, 3322.org, ovh.com, dnsexit.com, dnsdynamic.org, dnsomatic.com, he.net, dnsmax.com, gnudip, rfc2136, router, custom ddns.service.x.source enum wan = derive from hotlink, DynDNS service dynamic address ifc = use outgoing interface address, auto = query CheckIP service ddns.service.x.address address DynDNS service NM server address ddns.service.x.port port DynDNS service NM server port ddns.service.x.hostname hostname DynDNS service hostname ddns.service.x.username string DynDNS service username ddns.service.x.password password DynDNS service password ddns.service.x.proto enum http,https DynDNS service protocol ddns.service.x.url string DynDNS service custom URL ddns.service.x.keyname string DynDNS service rfc2136 TSIG key name ddns.service.x.key password DynDNS service rfc2135 TSIK key ddns.server.status integer 0 = disabled, 1 = enabled DynDNS server administrative status # WAN Supervision surveyor.ping.status integer 0 = disabled, 1 = enabled Supervision administrative status surveyor.ping.x.wanlink string Supervision WAN link name surveyor.ping.x.mode integer 1 = also validate when link comes up, Supervision ping mode 2 = only validate if link is up surveyor.ping.x.primary address Supervision primary ping address surveyor.ping.x.secondary address Supervision secondary ping address surveyor.ping.x.interval integer 3..3600 seconds Supervision ping interval surveyor.ping.x.retry integer 3..3600 seconds Supervision retry ping interval (if failed) surveyor.ping.x.timeout integer 500.30000 seconds Supervision ping timeout surveyor.ping.x.maxfailures integer 3..20 times Supervision max. number of failures surveyor.ping.x.maxdowntime integer 3..60 minutes Supervision max. downtime surveyor.ping.x.action enum restart,reboot Supervision action # GNSS Supervision surveyor.gnss.status integer 0 = disabled, 1 = enabled Supervision administrative status surveyor.gnss.mode integer 0 = disabled, Supervision operational mode 1 = validate NMEA stream, 2 = validate GPS fix surveyor.gnss.maxdowntime integer 3..3600 seconds Supervision max. downtime surveyor.gnss.action enum restart,reset Supervision action surveyor.gnss.maxflaps integer 1..100 times Supervision max. number of flaps per 5min # Ignition supervision surveyor.ignition.status integer 0 = disabled, 1 = enabled Supervision administrative status surveyor.ignition.hold integer 0..3600 seconds Supervision ignition hold time surveyor.ignition.shutdown integer # Voice voice.status integer 0 = disabled, 1 = enabled Voice administrative status voice.routing enum generic,sdk Voice call routing mechanism voice.sip.status integer 0 = disabled, 1 = enabled Voice SIP adminstrative status voice.sip.interface interface Voice SIP interface voice.sip.port port Voice SIP port voice.sip.expires integer 60..3600 seconds Voice SIP registration expiry time voice.fxs.status integer voice.fxs.pass voice.endpoint.x.type enum vom = Voice-over-Mobile, Voice endpoint type sip = SIP (registrar), directsip = SIP (direct), useragentsip = SIP (user-agent), aud = Audio, nil = Nil-Device voice.endpoint.x.desc string Voice endpoint description voice.endpoint.x.device interface Voice endpoint modem (e.g. wwan0) voice.endpoint.x.profile enum handset,headset,speakerphone, Voice endpoint audio profile x bluetooth,carkit voice.endpoint.x.volume integer 0..9 Voice endpoint volume level voice.endpoint.x.host address Voice endpoint SIP host voice.endpoint.x.port port Voice endpoint SIP port voice.endpoint.x.domain string Voice endpoint SIP domain voice.endpoint.x.subscriber string Voice endpoint SIP subscriber voice.endpoint.x.username string Voice endpoint SIP username voice.endpoint.x.password password Voice endpoint SIP password voice.endpoint.x.options enum auto-accept Voice endpoint options voice.endpoint.x.register.enabled integer 0 = disabled, 1 = enabled Voice endpoint SIP registration enabled voice.endpoint.x.register.subscriber string Voice endpoint SIP registration subscriber voice.endpoint.x.register.expires integer 60..3600 seconds Voice endpoint SIP registration expiry time voice.route.x.mode integer 0 = DROP, 1 = ROUTE Voice route operational mode voice.route.x.source phone-number Voice route calling number voice.route.x.dest phone-number Voice route called number # SNMP snmp.status integer 0 = disabled, 1 = enabled SNMP administrative status snmp.mode integer 0 = all, 1 = v3-only SNMP operational mode snmp.engine.id hex 12 < id(Zeichen) < 64 SNMP engineID snmp.port port between 1 and 65535 SNMP listening port snmp.community string SNMP v1/v2c read community snmp.contact string SNMP contact info snmp.location string SNMP location info snmp.auth enum MD5,SHA SNMP v3 authentication snmp.enc enum DES,AES SNMP v3 encryption snmp.admin.community string SNMP v1/v2c admin community snmp.admin.host address SNMP v1/v2c admin allowed host # LwM2M lwm2m.status integer 0 = disabled, 1 = enabled LwM2M administrative status lwm2m.agent.x.server address LwM2M agent server address lwm2m.agent.x.bootstrap integer 0 = disabled, 1 = enabled LwM2M agent bootstrap status lwm2m.agent.x.security enum none,psk,cert LwM2M agent security lwm2m.agent.x.id string LwM2M agent identification lwm2m.agent.x.key password LwM2M agent passphrase lwm2m.endpoint lwm2m.agent.x.lifetime integer #ITxPT itxpt.status itxpt.network.interface itxpt.fmstoip.enabled itxpt.fmstoip.period itxpt.fmstoip.can.interface itxpt.fmstoip.can.db.extensions itxpt.fmstoip.can.db.dl.path itxpt.fmstoip.can.db.dl.selection itxpt.fmstoip.can.db.manufacturer.file itxpt.fmstoip.can.db.manufacturer.selected itxpt.gnss.enabled itxpt.vtoip.enabled itxpt.time.enabled itxpt.mqtt.enabled # GNSS gpsd.x.status integer 0 = disabled, 1 = enabled GNSS administrative status gpsd.x.mode enum standalone,ms-based,ms-assisted GNSS operational mode gpsd.x.atype enum active,passive GNSS antenna type gpsd.x.interval integer 1..60 seconds GNSS fix frame interval gpsd.x.accuracy integer 5..1000 meter GNSS accuracy gpsd.x.supl string : GNSS SUPL server gpsd.x.apn string GNSS SUPL APN gpsd.x.port port GNSS server port gpsd.x.cmode integer 0 = on request, GNSS server client start mode 1 = raw, 2 = super-raw, 3 = json gpsd.x.allowed string
/ GNSS server allowed client hosts gpsd.x.maxdist integer 0 = off, GNSS max. linear distance between fixes 1..10000 meter gpsd.x.ftimeout integer 0 = off, GNSS max. frame timeout 1..300 seconds gpsd.x.modifynmea integer gpsd.x.dr.eabled integer gpsd.x.cfg.yaw gpsd.x.cfg.pitch gpsd.x.cfg.roll gspd.x.cfg.vrp2antenna.a gspd.x.cfg.vrp2antenna.b gspd.x.cfg.vrp2antenna.c gpsd.x.cfg.vrp2imu.a gpsd.x.cfg.vrp2imu.b gpsd.x.cfg.vrp2imu.c gpsd.x.assisturl0 gpsd.x.assisturl1 gpsd.x.dr.ignition integer # DIO dio.out1 enum on,off DIO OUT1 default state dio.out2 enum on,off DIO OUT2 default state # Administration admin.password password Administrator password admin.store_pw integer admin.hash admin.bootpass password Bootloader password admin.shell enum cli,sh Administrator shell admincliphp integer admin.access integer 0 = ignore, Authentication method 1 = authentication required, 2 = secure authentication required, 3 = secure authentication preferred admin.debug integer 0 = disabled, 1 = enabled Enabled GUI debugging admin.area enum stationary,mobe Application area # Logging syslog.storage enum root,flash,extended Syslog storage syslog.redirect address Syslog redirect address syslog.filesize integer 1024.. kB Syslog max. file size # LEDs led.mode integer 0 = right/top, LED banks to be displayed 1 = left/bottom, 2 = both (toggle mode) led.x.left led.x.right # reboot reboot.delay integer 3..300 seconds Reboot delay # Users user.x.name string User name user.x.role enum user,admin User role user.x.password password User password user.x.store_pw integer user.x.hash user.x.desc string User description user.x.shell enum cli,sh User shell user.x.cliphap integer # Remote Authentication radius.status integer 0 = disabled, 1 = enabled RADIUS administrative status radius.mode integer 0 = do not use for login, RADIUS operational mode 1 = use for login radius.server address RADIUS server address radius.server2 radius.secret password RADIUS server secret radius.secret2 radius.authport port RADIUS server authentication port radius.authport2 radius.acctport port RADIUS server accounting port radius.acctport2 # SMS daemon smsd.status integer 0 = disabled, 1 = enabled SMSD adminstrative status smsd.report integer 0 = disabled, 1 = enabled SMSD request delivery report smsd.x.burst smsd.x.device interface SMSD SIM device (e.g. sim0) smsd.x.gateway string = use from SIM SMSD gateway smsd.rule.outgoing.x.number phone-number SMS route phone number smsd.rule.outgoing.x.mode integer 0 = DROP, 1 = FORWARD SMS route mode smsd.rule.outgoing.x.device interface SMS route destination device (e.g. sim0) smsd.rule.incoming.x.number phone-number SMS filter phone number smsd.rule.incoming.x.mode integer 0 = DROP, 1 = ALLOW SMS filter mode smsd.rule.incoming.x.device interface SMS filter incoming device (e.g. sim0) # E-Mail email.sending.status integer 0 = disabled, 1 = enabled E-Mail administrative status email.sending.smtp.host host E-Mail server address email.sending.smtp.port port E-Mail server port email.sending.smtp.from e-mail E-Mail from address email.sending.smtp.authentication enum automatic,cram-md5,login,none E-Mail authentication email.sending.smtp.username string E-Mail username email.sending.smtp.password password E-Mail password email.sending.smtp.encryption enum none,tls E-Mail encryption # Events event.recipient.x.status integer 0 = disabled, 1 = enabled Event recipient administrative state event.recipient.x.desc string Event recipient description event.recipient.x.mail e-mail Event recipient E-Mail event.recipient.x.number phone-number Event recipient phone number event.recipient.x.trap.host host Event recipient trap host event.recipient.x.trap.port port Event recipient trap port event.recipient.x.trap.username string Event recipient trap username event.recipient.x.trap.password password Event recipient trap password event.recipient.x.trap.auth enum MD5,SHA Event recipient trap authentication event.recipient.x.trap.enc enum DES,AES Event recipient trap encryption event.recipient.x.trap.engine string Event recipient trap engine ID event.recipient.x.match string comma-separated list of Event recipient matching events wan-up, wan-down, dio-in1-on, dio-in2-on, dio-in1-off, dio-in2-off, dio-out1-on, dio-out2-on, dio-out1-off, dio-out2-off, gps-up, gps-down, openvpn-up, openvpn-down, ipsec-up, ipsec-down, gre-up, gre-down, dialin-up, dialin-down, mobileip-up, mobileip-down, pptp-up, pptp-down, system-login-failed, system-login-succeeded, system-logout, system-rebooting, system-poweroff, system-startup, sdk-startup, system-error, system-no-error, sms-sent, sms-notsent, sms-received, sms-report-received, call-incoming, call-outgoing, ddns-update-succeeded, ddns-update-failed, usb-storage-added, usb-storage-removed, usb-eth-added, usb-eth-removed, usb-serial-added, usb-serial-removed, system-time-updated, redundancy-master, redundancy-backup, test # Static Routes route.0.interface interface Route interface route.0.target address Route target address route.0.netmask address Route target network route.0.gateway address Route target gateway route.0.metric integer Route metric # OSPF ospf.status integer 0 = disabled, 1 = enabled OSPF administrative status ospf.redist.connected integer 0 = disabled, 1 = enabled OSPF redistribute connected routes ospf.redist.kernel integer 0 = disabled, 1 = enabled OSPF redistribute local routes ospf.redist.bgp integer 0 = disabled, 1 = enabled OSPF redistribute BGP routes ospf.redist.default integer 0 = disabled, 1 = enabled OSPF redistribute default route ospf.vrrpmasteronly integer 1 = disabled, 0 = enabled OSPF disable when redundancy backup ospf.interface.x.name interface OSPF interface name ospf.interface.x.auth integer 0 = none, 1 = password, 2 = hmac-md5 OSPF interface authentication ospf.interface.x.keyid string OSPF interface key ID ospf.interface.x.key password OSPF interface key ospf.interface.x.cost integer OSPF interface cost ospf.interface.x.passive integer 0 = not passive, 1 = passive OSPF interface passive ospf.router.id ospf.network.x.prefix address OSPF network prefix address ospf.network.x.prefixlength integer OSPF network prefix length ospf.network.x.area integer 0..65535 OSPF network area # BGP bgp.status integer 0 = disabled, 1 = enabled BGP administrative status bgp.router.id bgp.as interface BGP AS number bgp.redist.connected integer 0 = disabled, 1 = enabled BGP redistribute connected routes bgp.redist.kernel integer 0 = disabled, 1 = enabled BGP redistribute local routes bgp.redist.ospf integer 0 = disabled, 1 = enabled BGP redistribute OSPF routes bgp.vrrpmasteronly integer 1 = disabled, 0 = enabled BGP disable when redundancy backup bgp.keepalive integer bgp.holddown integer bgp.neighbor.x.addr address BGP neighbor address bgp.neighbor.x.as integer BGP neighbor AS number bgp.neighbor.x.weight bgp.neighbor.x.password password BGP neighbor password bgp.neighbor.x.multihop integer 0 = disabled, 1 = enabled BGP neighbor multihop bgp.neighbor.x.extended_nexthop bgp.neighbor.x.address_family bgp.network.0.prefix address BGP network prefix address bgp.network.0.prefixlength integer BGP network prefix length # Extended Routes eroute.x.source address ExtRoute source address eroute.x.snetmask address ExtRoute source netmask eroute.x.target address ExtRoute destination address eroute.x.tnetmask address ExtRoute destination netmask eroute.x.proto integer 0 = ANY, 1 = UDP, 2 = TCP ExtRoute protocol eroute.x.sport.start port ExtRoute first source port eroute.x.sport.end port ExtRoute last source port eroute.x.tport.start port ExtRoute first destination port eroute.x.tport.end port ExtRoute last destination port eroute.x.tos integer -1 = any, ExtRoute type of service 0 = normal-service, 2 = minimize-cost, 4 = maximize-reliability, 8 = maximize-throughput, 16 = minimize-delay eroute.x.iif interface ExtRoute incoming interface eroute.x.gateway address ExtRoute target gateway eroute.x.oif interface ExtRoute target interface eroute.x.force integer 0 = disabled, 1 = enabled ExtRoute discard if down # Multipath Routes mroute.x.target address MultipathRoute target network mroute.x.netmask address MultipathRoute target netmask mroute.x.interface.y.name interface MultipathRoute interface name mroute.x.interface.y.weight integer 0..10 MultipathRoute weight mroute.x.interface.y.nexthop address MultipathRoute gateway # SSH Server ssh.status integer 0 = disabled, 1 = enabled SSH server administrative status ssh.port port SSH server port ssh.pwlogin integer 0 = disabled, 1 = enabled SSH password login ssh.rootlogin integer 0 = disabled, 1 = enabled SSH root login # Telnet Server telnet.status integer 0 = disabled, 1 = enabled Telnet server administrative status telnet.port port Telnet server port # MQTT Broker mqtt.status integer mqtt.port integer mqtt.tls integer # Web Server http.status integer 0 = disabled, 1 = enabled Web server administrative status http.port port Web server port https.status integer 0 = disabled, 1 = enabled Web server HTTPS administrative status https.port port Web server HTTPS port https.security integer 0 = none = Windows XP IE6, Java 6 Web server HTTPS security 1 = old = Firefox 1, Chrome 1, IE 7, ... 2 = modern = Firefox 27, Chrome 30, IE 11 on Windows 7, ... cliphp.status integer 0 = disabled, 1 = enabled CLI-PHP administrative status # Serial Server serial.x.status integer 0 = disabled, 1 = enabled Serial port administrative state serial.server.x.baudrate enum 300,1200,2400,4800,9600,19200, Serial server port baudrate 38400,57600,115200 serial.server.x.parity enum NONE,ODD,EVEN Serial server parity serial.server.x.stopbits enum 1,2 Serial server stop bits serial.server.x.databits enum 7,8 Serial server data bits serial.server.x.xonxoff enum 0 = none, 1 = XON/XOFF Serial server software flow control serial.server.x.rtscts enum 0 = none, 1 = RTS/CTS Serial server hardware flow control serial.server.x.physproto enum RS232,RS485,IBIS Serial server physical protocol serial.server.x.protocol enum raw,telnet Serial server protocol on IP port serial.server.x.termination integer serial.server.x.port port Serial server port serial.server.x.timeout integer 0 = endless, Serial server timeout 1..600 seconds serial.server.x.remctl integer 0 = disabled, 1 = enabled Serial server RFC 2217 remote control serial.server.x.allowed string
/ Serial server allowed hosts serial.server.x.banner integer 0 = disabled, 1 = enabled Serial serer show banner serial.server.x.modem interface Serial modem bridge device (e.g. wwan0) serial.server.x.phonebook.y.number serial.server.x.phonebook.y.ip serial.server.x.phonebook.y.port # Audio audio.x.volume integer 0..9 Audio default volume level # Maintenance manual.swupdate.url url Manual software update URL auto.swupdate.status integer 0 = disabled, 1 = enabled Automatic software update administrative status auto.swupdate.time string : Automatic software update time of day auto.swupdate.url url Automatic software update URL auto.cfupdate.status integer 0 = disabled, 1 = enabled Automatic config update administrative status auto.cfupdate.time string : Automatic config update time of day auto.cfupdate.url url Automatic config update URL auto.reboot.status integer 0 = disabled, 1 = enabled Automatic reboot administrative status auto.reboot.time string : Automatic reboot time of day # VRRP vrrpd.status integer 0 = disabled, 1 = enabled VRRP administrative status vrrpd.id integer VRRP ID vrrpd.prio enum 100 = master, 1 = backup VRRP role vrrpd.interface interface VRRP interface (e.g. lan0) vrrpd.address address VRRP virtual gateway address # Discovery lldpd.status integer 0 = disabled, 1 = enabled Discovery administrative status lldpd.proto string comma-separated list of Discovery protocols lldp, cdp, sonmp, edp, fdp, irdp vrrpd.x.status vrrpd.x.id vrrpd.x.prio vrrpd.x.interface vrrpd.x.address # IGMP Proxy igmpproxy.status integer 0 = disabled, 1 = enabled IGMP proxy administrative status igmpproxy.interface interface IGMP proxy incoming interface igmpproxy.downstream string all = all LAN interfaces IGMP proxy downstream interfaces or comma-separated list of interfaces igmpproxy.sender.x.network address IGMP proxy sender address igmpproxy.sender.x.netmask address IGMP proxy sender network # Static Multicast Routing smcroute.status integer 0 = disabled, 1 = enabled Static multicast administrative status smcroute.x.group address Static multicast group address smcroute.x.source address Static multicast source address smcroute.x.from interface Static multicast incoming interface smcroute.x.to interface Static multicast outgoing interface # Softflow softflow.x.status = softflow.x.interface = softflow.x.host softflow.x.port softflow.x.version softflow.x.maxflow softflow.x.tracklevel softflow.x.samplerate # ARP arp.x.interface interface ARP interface arp.x.host address ARP host address arp.x.address mac ARP MAC address # Arpwatch arpwatch.status integer 0 = disabled, 1 = enabled Arpwatch administrative status arpwatch.x.interface interface Arpwatch interface # FTP Daemon ftpd.status integer 0 = disabled, 1 = enabled FTP server administrative status # TFTP Daemon tftpd.status integer 0 = disabled, 1 = enabled TFTP server administrative status tftpd.directory string TFTP server directory # SDK sdk.status integer 0 = disabled, 1 = enabled SDK administrative status sdk.storage enum root,flash,extended,usb0 SDK storage sdk.size integer 3..14 MB SDK max. size sdk.sched enum low,normal,high SDK scheduling priority sdk.watchdog integer 0 = disabled, 1 = enabled SDK watchdog script monitoring sdk.maxvsz integer sdk.trigger.x.name string a-z,A-Z,0-9,-,_,. erlaubt SDK trigger name sdk.trigger.x.timecond enum hourly,daily,weekly,monthly,yearly, SDK trigger time condition workdays,weekend,periodically sdk.trigger.x.timespec string SDK trigger timespec sdk.trigger.x.event enum wan-up, SDK trigger event wan-down, dio-in1-on, dio-in2-on, dio-in1-off, dio-in2-off, dio-out1-on, dio-out2-on, dio-out1-off, dio-out2-off, gps-up, gps-down, openvpn-up, openvpn-down, ipsec-up, ipsec-down, gre-up, gre-down, dialin-up, dialin-down, mobileip-up, mobileip-down, pptp-up, pptp-down, system-login-failed, system-login-succeeded, system-logout, system-rebooting, system-poweroff, system-startup, sdk-startup, system-error, system-no-error, sms-sent, sms-notsent, sms-received, sms-report-received, call-incoming, call-outgoing, ddns-update-succeeded, ddns-update-failed, usb-storage-added, usb-storage-removed, usb-eth-added, usb-eth-removed, usb-serial-added, usb-serial-removed, system-time-updated, redundancy-master, redundancy-backup, test sdk.script.0.name string a-z,A-Z,0-9,-,_,. erlaubt SDK script name sdk.script.0.desc string A-Z,a-z,0-9,-,_,+,whitespace SDK script description sdk.script.0.args string colon-separated list of arguments SDK script arguments sdk.job.0.name string a-z,A-Z,0-9,-,_,. erlaubt SDK job name sdk.job.0.trigger integer nicht leer SDK job trigger index sdk.job.0.script integer nicht leer SDK job script index sdk.job.0.args string colon-separated list of arguments SDK job arguments regex für args:a-z, A-Z, 0-9,whitespace,/,:,.,-,@,+,"",'',\ erlaubt # Virtualization virt.status integer 0 = disabled, 1 = enabled Virtualization administrative status virt.guest.x.status integer 0 = disabled, 1 = enabled Virtual guest administrative status virt.guest.x.desc string Virtual guest description virt.guest.x.type enum lxc Virtual guest type virt.guest.x.storage enum flash,extended,usb0 Virtual guest storage virt.guest.x.limit.cpu double 0.5..1.0 Virtual guest CPU limit virt.guest.x.limit.memory integer 32.768 Virtual guest memory limit virt.guest.x.network.y.mode integer 0 = disabled, 1 = routed, 2 = bridged Virtual network mode virt.guest.x.network.y.brdev interface Virtual network bridge interface virt.guest.x.network.y.address address Virtual network address virt.guest.x.network.y.netmask address Virtual network netmask virt.guest.x.network.y.gateway address Virtual network gateway virt.guest.x.device.y.name string Virtual device name virt.guest.x.device.y.type enum can,bluetooth Virtual device type virt.guest.x.install.url URL https://share.netmodule.com/router /public/virt/ubuntu_bionic.tar.xz Ubuntu Bionic Beaver virt.guest.x.install.trigger integer 0 = disabled, 1 = enabled Install on Apply #storage storage.flashroot.id storage.flashroot.automount storage.flashroot.mountpoint storage.flashstorage.id storage.flashstorage.automount storage.flashstorage.mountpoint storage.extended.id storage.extended.automount storage.extended.mountpoint storage.usb0.id storage.usb0.automount storage.usb0.mountpoint storage.sdcard0.id storage.sdcard0.automount storage.sdcard0.mountpoint # custom custom.status integer custom.secret string custom.var0 string custom.var1 string custom.var2 string custom.var3 string custom.var4 string custom.table0.x.var0 string custom.table0.x.var1 string custom.table0.x.var2 string custom.table0.x.var3 string custom.table0.x.var4 string custom.table1.x.var0 string custom.table1.x.var1 string custom.table1.x.var2 string custom.table1.x.var3 string custom.table1.x.var4 string custom.table2.0.var0 string custom.table2.0.var1 string custom.table2.0.var2 string custom.table2.0.var3 string custom.table2.0.var4 string checkEmail: format local@domain, user can contain a-z,A-Z,0-9,@,-,.,-,_, domain is 0-255 characters and contains a-z,A-Z,0-9,-,_. It is also possible that the email is an IP. ApnUsername=ApnPassword: not allowed:"",'',whitespace(\r\n\t\f\v) Passwd: not allowed &,|,",',`,\