diff --git a/doc/API/API-Docs.md b/doc/API/API-Docs.md
index b23339ee84..55e28c5db8 100644
--- a/doc/API/API-Docs.md
+++ b/doc/API/API-Docs.md
@@ -30,6 +30,7 @@
 - [`get_devices_by_group`](#api-route-get_devices_by_group)
 - [`routing`](#api-routing)
 - [`list_bgp`](#api-route-1)
+ - [`list_ipsec`](#list_ipsec)
 - [`switching`](#api-switching)
 - [`get_vlans`](#api-route-4)
 - [`alerts`](#api-alerts)
@@ -866,6 +867,43 @@ Output:
 }
 ```
+### Function: `list_ipsec` [`top`](#top)
+
+List the current IPSec tunnels which are active.
+
+Route: /api/v0/routing/ipsec/data/:hostname
+
+- hostname can be either the device hostname or id
+
+Input:
+
+ -
+
+Example:
+```curl
+curl -H 'X-Auth-Token: YOURAPITOKENHERE' https://librenms.org/api/v0/routing/ipsec/data/localhost
+```
+
+Output:
+```text
+{
+ "status": "ok",
+ "err-msg": "",
+ "count": 0,
+ "ipsec": [
+ "tunnel_id": "1",
+ "device_id": "1",
+ "peer_port": "0",
+ "peer_addr": "127.0.0.1",
+ "local_addr": "127.0.0.2",
+ "local_port": "0",
+ "tunnel_name": "",
+ "tunnel_status": "active"
+ ]
+}
+```
+> Please note, this will only show active VPN sessions not all configured.
+
 ## `Switching` [`top`](#top)
 ### Function: `get_vlans` [`top`](#top)
diff --git a/html/api_v0.php b/html/api_v0.php
index 3ca6dc0ad4..021cbb327c 100644
--- a/html/api_v0.php
+++ b/html/api_v0.php
@@ -128,6 +128,19 @@ $app->group(
 }
 );
 // End Inventory
+ // Routing section
+ $app->group(
+ '/routing',
+ function () use ($app) {
+ $app->group(
+ '/ipsec',
+ function () use ($app) {
+ $app->get('/data/:hostname', 'authToken', 'list_ipsec')->name('list_ipsec');
+ }
+ );
+ }
+ );
+ // End Routing
 }
 );
 $app->get('/v0', 'authToken', 'show_endpoints');
diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php
index 9a26298909..40c64a9bca 100644
--- a/html/includes/api_functions.inc.php
+++ b/html/includes/api_functions.inc.php
@@ -1288,3 +1288,33 @@ function get_devices_by_group() {
 echo _json_encode($output);
 }
+
+function list_ipsec() {
+ $app = \Slim\Slim::getInstance();
+ $router = $app->router()->getCurrentRoute()->getParams();
+ $status = 'error';
+ $code = 404;
+ $message = '';
+ $hostname = $router['hostname'];
+ // use hostname as device_id if it's all digits
+ $device_id = ctype_digit($hostname) ? $hostname : getidbyname($hostname);
+ if (!is_numeric($device_id)) {
+ $message = "No valid hostname or device ID provided";
+ }
+ else {
+ $ipsec = dbFetchRows("SELECT `D`.`hostname`, `I`.* FROM `ipsec_tunnels` AS `I`, `devices` AS `D` WHERE `I`.`device_id`=? `D`.`device_id` = `I`.`device_id`", array($device_id));
+ $total = count($ipsec);
+ $status = 'ok';
+ $code = 200;
+ }
+
+ $output = array(
+ 'status' => $status,
+ 'err-msg' => $message,
+ 'count' => $total,
+ 'ipsec' => $ipsec,
+ );
+ $app->response->setStatus($code);
+ $app->response->headers->set('Content-Type', 'application/json');
+ echo _json_encode($output);
+}
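Review bot: The query string in list_ipsec has no `AND` between the `=?` test on `I`.`device_id` and the join condition on `D`.`device_id`, so as written it is not valid SQL and the lookup would fail for every device that resolves. On the not-found path `$total` and `$ipsec` are never assigned yet both are read when `$output` is built; set defaults before the branch, e.g. `$total = 0;` and `$ipsec = array();`. The only access check visible for this endpoint is the `authToken` middleware on the route in html/api_v0.php, so any valid token appears able to read peer and local tunnel addresses for every device; if the API has a per-device permission check it should be applied here. A short comment above the function stating that it returns all rows of `ipsec_tunnels` for the device (there is no status filter, although the new docs say only active tunnels are listed) would also help.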