CLIHandler: copied updates from pve-common
[pve-client.git] / pve-api-definition.js
1 [
2    {
3       "children" : [
4          {
5             "children" : [
6                {
7                   "info" : {
8                      "DELETE" : {
9                         "description" : "Mark replication job for removal.",
10                         "method" : "DELETE",
11                         "name" : "delete",
12                         "parameters" : {
13                            "additionalProperties" : 0,
14                            "properties" : {
15                               "force" : {
16                                  "default" : 0,
17                                  "description" : "Will remove the jobconfig entry, but will not cleanup.",
18                                  "optional" : 1,
19                                  "type" : "boolean",
20                                  "typetext" : "<boolean>"
21                               },
22                               "id" : {
23                                  "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
24                                  "format" : "pve-replication-job-id",
25                                  "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
26                                  "type" : "string"
27                               },
28                               "keep" : {
29                                  "default" : 0,
30                                  "description" : "Keep replicated data at target (do not remove).",
31                                  "optional" : 1,
32                                  "type" : "boolean",
33                                  "typetext" : "<boolean>"
34                               }
35                            }
36                         },
37                         "permissions" : {
38                            "check" : [
39                               "perm",
40                               "/storage",
41                               [
42                                  "Datastore.Allocate"
43                               ]
44                            ]
45                         },
46                         "protected" : 1,
47                         "returns" : {
48                            "type" : "null"
49                         }
50                      },
51                      "GET" : {
52                         "description" : "Read replication job configuration.",
53                         "method" : "GET",
54                         "name" : "read",
55                         "parameters" : {
56                            "additionalProperties" : 0,
57                            "properties" : {
58                               "id" : {
59                                  "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
60                                  "format" : "pve-replication-job-id",
61                                  "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
62                                  "type" : "string"
63                               }
64                            }
65                         },
66                         "permissions" : {
67                            "description" : "Requires the VM.Audit permission on /vms/<vmid>.",
68                            "user" : "all"
69                         },
70                         "returns" : {
71                            "type" : "object"
72                         }
73                      },
74                      "PUT" : {
75                         "description" : "Update replication job configuration.",
76                         "method" : "PUT",
77                         "name" : "update",
78                         "parameters" : {
79                            "additionalProperties" : 0,
80                            "properties" : {
81                               "comment" : {
82                                  "description" : "Description.",
83                                  "maxLength" : 4096,
84                                  "optional" : 1,
85                                  "type" : "string",
86                                  "typetext" : "<string>"
87                               },
88                               "delete" : {
89                                  "description" : "A list of settings you want to delete.",
90                                  "format" : "pve-configid-list",
91                                  "maxLength" : 4096,
92                                  "optional" : 1,
93                                  "type" : "string",
94                                  "typetext" : "<string>"
95                               },
96                               "digest" : {
97                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
98                                  "maxLength" : 40,
99                                  "optional" : 1,
100                                  "type" : "string",
101                                  "typetext" : "<string>"
102                               },
103                               "disable" : {
104                                  "description" : "Flag to disable/deactivate the entry.",
105                                  "optional" : 1,
106                                  "type" : "boolean",
107                                  "typetext" : "<boolean>"
108                               },
109                               "id" : {
110                                  "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
111                                  "format" : "pve-replication-job-id",
112                                  "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
113                                  "type" : "string"
114                               },
115                               "rate" : {
116                                  "description" : "Rate limit in mbps (megabytes per second) as floating point number.",
117                                  "minimum" : 1,
118                                  "optional" : 1,
119                                  "type" : "number",
120                                  "typetext" : "<number> (1 - N)"
121                               },
122                               "remove_job" : {
123                                  "description" : "Mark the replication job for removal. The job will remove all local replication snapshots. When set to 'full', it also tries to remove replicated volumes on the target. The job then removes itself from the configuration file.",
124                                  "enum" : [
125                                     "local",
126                                     "full"
127                                  ],
128                                  "optional" : 1,
129                                  "type" : "string"
130                               },
131                               "schedule" : {
132                                  "default" : "*/15",
133                                  "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
134                                  "format" : "pve-calendar-event",
135                                  "maxLength" : 128,
136                                  "optional" : 1,
137                                  "type" : "string",
138                                  "typetext" : "<string>"
139                               },
140                               "source" : {
141                                  "description" : "Source of the replication.",
142                                  "format" : "pve-node",
143                                  "optional" : 1,
144                                  "type" : "string",
145                                  "typetext" : "<string>"
146                               }
147                            },
148                            "type" : "object"
149                         },
150                         "permissions" : {
151                            "check" : [
152                               "perm",
153                               "/storage",
154                               [
155                                  "Datastore.Allocate"
156                               ]
157                            ]
158                         },
159                         "protected" : 1,
160                         "returns" : {
161                            "type" : "null"
162                         }
163                      }
164                   },
165                   "leaf" : 1,
166                   "path" : "/cluster/replication/{id}",
167                   "text" : "{id}"
168                }
169             ],
170             "info" : {
171                "GET" : {
172                   "description" : "List replication jobs.",
173                   "method" : "GET",
174                   "name" : "index",
175                   "parameters" : {
176                      "additionalProperties" : 0
177                   },
178                   "permissions" : {
179                      "description" : "Requires the VM.Audit permission on /vms/<vmid>.",
180                      "user" : "all"
181                   },
182                   "returns" : {
183                      "items" : {
184                         "properties" : {},
185                         "type" : "object"
186                      },
187                      "links" : [
188                         {
189                            "href" : "{id}",
190                            "rel" : "child"
191                         }
192                      ],
193                      "type" : "array"
194                   }
195                },
196                "POST" : {
197                   "description" : "Create a new replication job",
198                   "method" : "POST",
199                   "name" : "create",
200                   "parameters" : {
201                      "additionalProperties" : 0,
202                      "properties" : {
203                         "comment" : {
204                            "description" : "Description.",
205                            "maxLength" : 4096,
206                            "optional" : 1,
207                            "type" : "string",
208                            "typetext" : "<string>"
209                         },
210                         "disable" : {
211                            "description" : "Flag to disable/deactivate the entry.",
212                            "optional" : 1,
213                            "type" : "boolean",
214                            "typetext" : "<boolean>"
215                         },
216                         "id" : {
217                            "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
218                            "format" : "pve-replication-job-id",
219                            "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
220                            "type" : "string"
221                         },
222                         "rate" : {
223                            "description" : "Rate limit in mbps (megabytes per second) as floating point number.",
224                            "minimum" : 1,
225                            "optional" : 1,
226                            "type" : "number",
227                            "typetext" : "<number> (1 - N)"
228                         },
229                         "remove_job" : {
230                            "description" : "Mark the replication job for removal. The job will remove all local replication snapshots. When set to 'full', it also tries to remove replicated volumes on the target. The job then removes itself from the configuration file.",
231                            "enum" : [
232                               "local",
233                               "full"
234                            ],
235                            "optional" : 1,
236                            "type" : "string"
237                         },
238                         "schedule" : {
239                            "default" : "*/15",
240                            "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
241                            "format" : "pve-calendar-event",
242                            "maxLength" : 128,
243                            "optional" : 1,
244                            "type" : "string",
245                            "typetext" : "<string>"
246                         },
247                         "source" : {
248                            "description" : "Source of the replication.",
249                            "format" : "pve-node",
250                            "optional" : 1,
251                            "type" : "string",
252                            "typetext" : "<string>"
253                         },
254                         "target" : {
255                            "description" : "Target node.",
256                            "format" : "pve-node",
257                            "optional" : 0,
258                            "type" : "string",
259                            "typetext" : "<string>"
260                         },
261                         "type" : {
262                            "description" : "Section type.",
263                            "enum" : [
264                               "local"
265                            ],
266                            "type" : "string"
267                         }
268                      },
269                      "type" : "object"
270                   },
271                   "permissions" : {
272                      "check" : [
273                         "perm",
274                         "/storage",
275                         [
276                            "Datastore.Allocate"
277                         ]
278                      ]
279                   },
280                   "protected" : 1,
281                   "returns" : {
282                      "type" : "null"
283                   }
284                }
285             },
286             "leaf" : 0,
287             "path" : "/cluster/replication",
288             "text" : "replication"
289          },
290          {
291             "children" : [
292                {
293                   "children" : [
294                      {
295                         "info" : {
296                            "DELETE" : {
297                               "description" : "Removes a node from the cluster configuration.",
298                               "method" : "DELETE",
299                               "name" : "delnode",
300                               "parameters" : {
301                                  "additionalProperties" : 0,
302                                  "properties" : {
303                                     "node" : {
304                                        "description" : "The cluster node name.",
305                                        "format" : "pve-node",
306                                        "type" : "string",
307                                        "typetext" : "<string>"
308                                     }
309                                  }
310                               },
311                               "protected" : 1,
312                               "returns" : {
313                                  "type" : "null"
314                               }
315                            },
316                            "POST" : {
317                               "description" : "Adds a node to the cluster configuration.",
318                               "method" : "POST",
319                               "name" : "addnode",
320                               "parameters" : {
321                                  "additionalProperties" : 0,
322                                  "properties" : {
323                                     "force" : {
324                                        "description" : "Do not throw error if node already exists.",
325                                        "optional" : 1,
326                                        "type" : "boolean",
327                                        "typetext" : "<boolean>"
328                                     },
329                                     "node" : {
330                                        "description" : "The cluster node name.",
331                                        "format" : "pve-node",
332                                        "type" : "string",
333                                        "typetext" : "<string>"
334                                     },
335                                     "nodeid" : {
336                                        "description" : "Node id for this node.",
337                                        "minimum" : 1,
338                                        "optional" : 1,
339                                        "type" : "integer",
340                                        "typetext" : "<integer> (1 - N)"
341                                     },
342                                     "ring0_addr" : {
343                                        "default" : "Hostname of the node",
344                                        "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
345                                        "format" : "address",
346                                        "optional" : 1,
347                                        "type" : "string",
348                                        "typetext" : "<string>"
349                                     },
350                                     "ring1_addr" : {
351                                        "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
352                                        "format" : "address",
353                                        "optional" : 1,
354                                        "type" : "string",
355                                        "typetext" : "<string>"
356                                     },
357                                     "votes" : {
358                                        "description" : "Number of votes for this node",
359                                        "minimum" : 0,
360                                        "optional" : 1,
361                                        "type" : "integer",
362                                        "typetext" : "<integer> (0 - N)"
363                                     }
364                                  }
365                               },
366                               "protected" : 1,
367                               "returns" : {
368                                  "properties" : {
369                                     "corosync_authkey" : {
370                                        "type" : "string"
371                                     },
372                                     "corosync_conf" : {
373                                        "type" : "string"
374                                     }
375                                  },
376                                  "type" : "object"
377                               }
378                            }
379                         },
380                         "leaf" : 1,
381                         "path" : "/cluster/config/nodes/{node}",
382                         "text" : "{node}"
383                      }
384                   ],
385                   "info" : {
386                      "GET" : {
387                         "description" : "Corosync node list.",
388                         "method" : "GET",
389                         "name" : "nodes",
390                         "parameters" : {
391                            "additionalProperties" : 0
392                         },
393                         "permissions" : {
394                            "check" : [
395                               "perm",
396                               "/",
397                               [
398                                  "Sys.Audit"
399                               ]
400                            ]
401                         },
402                         "returns" : {
403                            "items" : {
404                               "properties" : {
405                                  "node" : {
406                                     "type" : "string"
407                                  }
408                               },
409                               "type" : "object"
410                            },
411                            "links" : [
412                               {
413                                  "href" : "{node}",
414                                  "rel" : "child"
415                               }
416                            ],
417                            "type" : "array"
418                         }
419                      }
420                   },
421                   "leaf" : 0,
422                   "path" : "/cluster/config/nodes",
423                   "text" : "nodes"
424                },
425                {
426                   "info" : {
427                      "GET" : {
428                         "description" : "Get information needed to join this cluster over the connected node.",
429                         "method" : "GET",
430                         "name" : "join_info",
431                         "parameters" : {
432                            "additionalProperties" : 0,
433                            "properties" : {
434                               "node" : {
435                                  "default" : "current connected node",
436                                  "description" : "The node for which the joinee gets the nodeinfo. ",
437                                  "format" : "pve-node",
438                                  "optional" : 1,
439                                  "type" : "string",
440                                  "typetext" : "<string>"
441                               }
442                            }
443                         },
444                         "permissions" : {
445                            "check" : [
446                               "perm",
447                               "/",
448                               [
449                                  "Sys.Audit"
450                               ]
451                            ]
452                         },
453                         "returns" : {
454                            "additionalProperties" : 0,
455                            "properties" : {
456                               "config_digest" : {
457                                  "type" : "string"
458                               },
459                               "nodelist" : {
460                                  "items" : {
461                                     "additionalProperties" : 1,
462                                     "properties" : {
463                                        "name" : {
464                                           "description" : "The cluster node name.",
465                                           "format" : "pve-node",
466                                           "type" : "string"
467                                        },
468                                        "nodeid" : {
469                                           "description" : "Node id for this node.",
470                                           "minimum" : 1,
471                                           "optional" : 1,
472                                           "type" : "integer"
473                                        },
474                                        "pve_addr" : {
475                                           "format" : "ip",
476                                           "type" : "string"
477                                        },
478                                        "pve_fp" : {
479                                           "description" : "Certificate SHA 256 fingerprint.",
480                                           "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
481                                           "type" : "string"
482                                        },
483                                        "quorum_votes" : {
484                                           "minimum" : 0,
485                                           "type" : "integer"
486                                        },
487                                        "ring0_addr" : {
488                                           "default" : "Hostname of the node",
489                                           "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
490                                           "format" : "address",
491                                           "optional" : 1,
492                                           "type" : "string"
493                                        }
494                                     },
495                                     "type" : "object"
496                                  },
497                                  "type" : "array"
498                               },
499                               "preferred_node" : {
500                                  "description" : "The cluster node name.",
501                                  "format" : "pve-node",
502                                  "type" : "string"
503                               },
504                               "totem" : {
505                                  "type" : "object"
506                               }
507                            },
508                            "type" : "object"
509                         }
510                      },
511                      "POST" : {
512                         "description" : "Joins this node into an existing cluster.",
513                         "method" : "POST",
514                         "name" : "join",
515                         "parameters" : {
516                            "additionalProperties" : 0,
517                            "properties" : {
518                               "fingerprint" : {
519                                  "description" : "Certificate SHA 256 fingerprint.",
520                                  "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
521                                  "type" : "string"
522                               },
523                               "force" : {
524                                  "description" : "Do not throw error if node already exists.",
525                                  "optional" : 1,
526                                  "type" : "boolean",
527                                  "typetext" : "<boolean>"
528                               },
529                               "hostname" : {
530                                  "description" : "Hostname (or IP) of an existing cluster member.",
531                                  "type" : "string",
532                                  "typetext" : "<string>"
533                               },
534                               "nodeid" : {
535                                  "description" : "Node id for this node.",
536                                  "minimum" : 1,
537                                  "optional" : 1,
538                                  "type" : "integer",
539                                  "typetext" : "<integer> (1 - N)"
540                               },
541                               "password" : {
542                                  "description" : "Superuser (root) password of peer node.",
543                                  "maxLength" : 128,
544                                  "type" : "string",
545                                  "typetext" : "<string>"
546                               },
547                               "ring0_addr" : {
548                                  "default" : "IP resolved by node's hostname",
549                                  "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
550                                  "format" : "address",
551                                  "optional" : 1,
552                                  "type" : "string",
553                                  "typetext" : "<string>"
554                               },
555                               "ring1_addr" : {
556                                  "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
557                                  "format" : "address",
558                                  "optional" : 1,
559                                  "type" : "string",
560                                  "typetext" : "<string>"
561                               },
562                               "votes" : {
563                                  "description" : "Number of votes for this node",
564                                  "minimum" : 0,
565                                  "optional" : 1,
566                                  "type" : "integer",
567                                  "typetext" : "<integer> (0 - N)"
568                               }
569                            }
570                         },
571                         "protected" : 1,
572                         "returns" : {
573                            "type" : "string"
574                         }
575                      }
576                   },
577                   "leaf" : 1,
578                   "path" : "/cluster/config/join",
579                   "text" : "join"
580                },
581                {
582                   "info" : {
583                      "GET" : {
584                         "description" : "Get corosync totem protocol settings.",
585                         "method" : "GET",
586                         "name" : "totem",
587                         "parameters" : {
588                            "additionalProperties" : 0
589                         },
590                         "permissions" : {
591                            "check" : [
592                               "perm",
593                               "/",
594                               [
595                                  "Sys.Audit"
596                               ]
597                            ]
598                         },
599                         "returns" : {
600                            "properties" : {},
601                            "type" : "object"
602                         }
603                      }
604                   },
605                   "leaf" : 1,
606                   "path" : "/cluster/config/totem",
607                   "text" : "totem"
608                }
609             ],
610             "info" : {
611                "GET" : {
612                   "description" : "Directory index.",
613                   "method" : "GET",
614                   "name" : "index",
615                   "parameters" : {
616                      "additionalProperties" : 0
617                   },
618                   "permissions" : {
619                      "check" : [
620                         "perm",
621                         "/",
622                         [
623                            "Sys.Audit"
624                         ]
625                      ]
626                   },
627                   "returns" : {
628                      "items" : {
629                         "properties" : {},
630                         "type" : "object"
631                      },
632                      "links" : [
633                         {
634                            "href" : "{name}",
635                            "rel" : "child"
636                         }
637                      ],
638                      "type" : "array"
639                   }
640                },
641                "POST" : {
642                   "description" : "Generate new cluster configuration.",
643                   "method" : "POST",
644                   "name" : "create",
645                   "parameters" : {
646                      "additionalProperties" : 0,
647                      "properties" : {
648                         "bindnet0_addr" : {
649                            "description" : "This specifies the network address the corosync ring 0 executive should bind to and defaults to the local IP address of the node.",
650                            "format" : "ip",
651                            "optional" : 1,
652                            "type" : "string",
653                            "typetext" : "<string>"
654                         },
655                         "bindnet1_addr" : {
656                            "description" : "This specifies the network address the corosync ring 1 executive should bind to and is optional.",
657                            "format" : "ip",
658                            "optional" : 1,
659                            "type" : "string",
660                            "typetext" : "<string>"
661                         },
662                         "clustername" : {
663                            "description" : "The name of the cluster.",
664                            "format" : "pve-node",
665                            "maxLength" : 15,
666                            "type" : "string",
667                            "typetext" : "<string>"
668                         },
669                         "nodeid" : {
670                            "description" : "Node id for this node.",
671                            "minimum" : 1,
672                            "optional" : 1,
673                            "type" : "integer",
674                            "typetext" : "<integer> (1 - N)"
675                         },
676                         "ring0_addr" : {
677                            "default" : "Hostname of the node",
678                            "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
679                            "format" : "address",
680                            "optional" : 1,
681                            "type" : "string",
682                            "typetext" : "<string>"
683                         },
684                         "ring1_addr" : {
685                            "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
686                            "format" : "address",
687                            "optional" : 1,
688                            "type" : "string",
689                            "typetext" : "<string>"
690                         },
691                         "votes" : {
692                            "description" : "Number of votes for this node.",
693                            "minimum" : 1,
694                            "optional" : 1,
695                            "type" : "integer",
696                            "typetext" : "<integer> (1 - N)"
697                         }
698                      }
699                   },
700                   "protected" : 1,
701                   "returns" : {
702                      "type" : "string"
703                   }
704                }
705             },
706             "leaf" : 0,
707             "path" : "/cluster/config",
708             "text" : "config"
709          },
710          {
711             "children" : [
712                {
713                   "children" : [
714                      {
715                         "children" : [
716                            {
717                               "info" : {
718                                  "DELETE" : {
719                                     "description" : "Delete rule.",
720                                     "method" : "DELETE",
721                                     "name" : "delete_rule",
722                                     "parameters" : {
723                                        "additionalProperties" : 0,
724                                        "properties" : {
725                                           "digest" : {
726                                              "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
727                                              "maxLength" : 40,
728                                              "optional" : 1,
729                                              "type" : "string",
730                                              "typetext" : "<string>"
731                                           },
732                                           "group" : {
733                                              "description" : "Security Group name.",
734                                              "maxLength" : 18,
735                                              "minLength" : 2,
736                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
737                                              "type" : "string"
738                                           },
739                                           "pos" : {
740                                              "description" : "Update rule at position <pos>.",
741                                              "minimum" : 0,
742                                              "optional" : 1,
743                                              "type" : "integer",
744                                              "typetext" : "<integer> (0 - N)"
745                                           }
746                                        }
747                                     },
748                                     "permissions" : {
749                                        "check" : [
750                                           "perm",
751                                           "/",
752                                           [
753                                              "Sys.Modify"
754                                           ]
755                                        ]
756                                     },
757                                     "protected" : 1,
758                                     "proxyto" : null,
759                                     "returns" : {
760                                        "type" : "null"
761                                     }
762                                  },
763                                  "GET" : {
764                                     "description" : "Get single rule data.",
765                                     "method" : "GET",
766                                     "name" : "get_rule",
767                                     "parameters" : {
768                                        "additionalProperties" : 0,
769                                        "properties" : {
770                                           "group" : {
771                                              "description" : "Security Group name.",
772                                              "maxLength" : 18,
773                                              "minLength" : 2,
774                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
775                                              "type" : "string"
776                                           },
777                                           "pos" : {
778                                              "description" : "Update rule at position <pos>.",
779                                              "minimum" : 0,
780                                              "optional" : 1,
781                                              "type" : "integer",
782                                              "typetext" : "<integer> (0 - N)"
783                                           }
784                                        }
785                                     },
786                                     "permissions" : {
787                                        "check" : [
788                                           "perm",
789                                           "/",
790                                           [
791                                              "Sys.Audit"
792                                           ]
793                                        ]
794                                     },
795                                     "proxyto" : null,
796                                     "returns" : {
797                                        "properties" : {
798                                           "pos" : {
799                                              "type" : "integer"
800                                           }
801                                        },
802                                        "type" : "object"
803                                     }
804                                  },
805                                  "PUT" : {
806                                     "description" : "Modify rule data.",
807                                     "method" : "PUT",
808                                     "name" : "update_rule",
809                                     "parameters" : {
810                                        "additionalProperties" : 0,
811                                        "properties" : {
812                                           "action" : {
813                                              "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
814                                              "maxLength" : 20,
815                                              "minLength" : 2,
816                                              "optional" : 1,
817                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
818                                              "type" : "string"
819                                           },
820                                           "comment" : {
821                                              "description" : "Descriptive comment.",
822                                              "optional" : 1,
823                                              "type" : "string",
824                                              "typetext" : "<string>"
825                                           },
826                                           "delete" : {
827                                              "description" : "A list of settings you want to delete.",
828                                              "format" : "pve-configid-list",
829                                              "optional" : 1,
830                                              "type" : "string",
831                                              "typetext" : "<string>"
832                                           },
833                                           "dest" : {
834                                              "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
835                                              "format" : "pve-fw-addr-spec",
836                                              "optional" : 1,
837                                              "type" : "string",
838                                              "typetext" : "<string>"
839                                           },
840                                           "digest" : {
841                                              "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
842                                              "maxLength" : 40,
843                                              "optional" : 1,
844                                              "type" : "string",
845                                              "typetext" : "<string>"
846                                           },
847                                           "dport" : {
848                                              "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
849                                              "format" : "pve-fw-dport-spec",
850                                              "optional" : 1,
851                                              "type" : "string",
852                                              "typetext" : "<string>"
853                                           },
854                                           "enable" : {
855                                              "description" : "Flag to enable/disable a rule.",
856                                              "minimum" : 0,
857                                              "optional" : 1,
858                                              "type" : "integer",
859                                              "typetext" : "<integer> (0 - N)"
860                                           },
861                                           "group" : {
862                                              "description" : "Security Group name.",
863                                              "maxLength" : 18,
864                                              "minLength" : 2,
865                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
866                                              "type" : "string"
867                                           },
868                                           "iface" : {
869                                              "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
870                                              "format" : "pve-iface",
871                                              "maxLength" : 20,
872                                              "minLength" : 2,
873                                              "optional" : 1,
874                                              "type" : "string",
875                                              "typetext" : "<string>"
876                                           },
877                                           "macro" : {
878                                              "description" : "Use predefined standard macro.",
879                                              "maxLength" : 128,
880                                              "optional" : 1,
881                                              "type" : "string",
882                                              "typetext" : "<string>"
883                                           },
884                                           "moveto" : {
885                                              "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
886                                              "minimum" : 0,
887                                              "optional" : 1,
888                                              "type" : "integer",
889                                              "typetext" : "<integer> (0 - N)"
890                                           },
891                                           "pos" : {
892                                              "description" : "Update rule at position <pos>.",
893                                              "minimum" : 0,
894                                              "optional" : 1,
895                                              "type" : "integer",
896                                              "typetext" : "<integer> (0 - N)"
897                                           },
898                                           "proto" : {
899                                              "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
900                                              "format" : "pve-fw-protocol-spec",
901                                              "optional" : 1,
902                                              "type" : "string",
903                                              "typetext" : "<string>"
904                                           },
905                                           "source" : {
906                                              "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
907                                              "format" : "pve-fw-addr-spec",
908                                              "optional" : 1,
909                                              "type" : "string",
910                                              "typetext" : "<string>"
911                                           },
912                                           "sport" : {
913                                              "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
914                                              "format" : "pve-fw-sport-spec",
915                                              "optional" : 1,
916                                              "type" : "string",
917                                              "typetext" : "<string>"
918                                           },
919                                           "type" : {
920                                              "description" : "Rule type.",
921                                              "enum" : [
922                                                 "in",
923                                                 "out",
924                                                 "group"
925                                              ],
926                                              "optional" : 1,
927                                              "type" : "string"
928                                           }
929                                        }
930                                     },
931                                     "permissions" : {
932                                        "check" : [
933                                           "perm",
934                                           "/",
935                                           [
936                                              "Sys.Modify"
937                                           ]
938                                        ]
939                                     },
940                                     "protected" : 1,
941                                     "proxyto" : null,
942                                     "returns" : {
943                                        "type" : "null"
944                                     }
945                                  }
946                               },
947                               "leaf" : 1,
948                               "path" : "/cluster/firewall/groups/{group}/{pos}",
949                               "text" : "{pos}"
950                            }
951                         ],
952                         "info" : {
953                            "DELETE" : {
954                               "description" : "Delete security group.",
955                               "method" : "DELETE",
956                               "name" : "delete_security_group",
957                               "parameters" : {
958                                  "additionalProperties" : 0,
959                                  "properties" : {
960                                     "group" : {
961                                        "description" : "Security Group name.",
962                                        "maxLength" : 18,
963                                        "minLength" : 2,
964                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
965                                        "type" : "string"
966                                     }
967                                  }
968                               },
969                               "permissions" : {
970                                  "check" : [
971                                     "perm",
972                                     "/",
973                                     [
974                                        "Sys.Modify"
975                                     ]
976                                  ]
977                               },
978                               "protected" : 1,
979                               "returns" : {
980                                  "type" : "null"
981                               }
982                            },
983                            "GET" : {
984                               "description" : "List rules.",
985                               "method" : "GET",
986                               "name" : "get_rules",
987                               "parameters" : {
988                                  "additionalProperties" : 0,
989                                  "properties" : {
990                                     "group" : {
991                                        "description" : "Security Group name.",
992                                        "maxLength" : 18,
993                                        "minLength" : 2,
994                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
995                                        "type" : "string"
996                                     }
997                                  }
998                               },
999                               "permissions" : {
1000                                  "check" : [
1001                                     "perm",
1002                                     "/",
1003                                     [
1004                                        "Sys.Audit"
1005                                     ]
1006                                  ]
1007                               },
1008                               "proxyto" : null,
1009                               "returns" : {
1010                                  "items" : {
1011                                     "properties" : {
1012                                        "pos" : {
1013                                           "type" : "integer"
1014                                        }
1015                                     },
1016                                     "type" : "object"
1017                                  },
1018                                  "links" : [
1019                                     {
1020                                        "href" : "{pos}",
1021                                        "rel" : "child"
1022                                     }
1023                                  ],
1024                                  "type" : "array"
1025                               }
1026                            },
1027                            "POST" : {
1028                               "description" : "Create new rule.",
1029                               "method" : "POST",
1030                               "name" : "create_rule",
1031                               "parameters" : {
1032                                  "additionalProperties" : 0,
1033                                  "properties" : {
1034                                     "action" : {
1035                                        "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
1036                                        "maxLength" : 20,
1037                                        "minLength" : 2,
1038                                        "optional" : 0,
1039                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1040                                        "type" : "string"
1041                                     },
1042                                     "comment" : {
1043                                        "description" : "Descriptive comment.",
1044                                        "optional" : 1,
1045                                        "type" : "string",
1046                                        "typetext" : "<string>"
1047                                     },
1048                                     "dest" : {
1049                                        "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1050                                        "format" : "pve-fw-addr-spec",
1051                                        "optional" : 1,
1052                                        "type" : "string",
1053                                        "typetext" : "<string>"
1054                                     },
1055                                     "digest" : {
1056                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1057                                        "maxLength" : 40,
1058                                        "optional" : 1,
1059                                        "type" : "string",
1060                                        "typetext" : "<string>"
1061                                     },
1062                                     "dport" : {
1063                                        "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1064                                        "format" : "pve-fw-dport-spec",
1065                                        "optional" : 1,
1066                                        "type" : "string",
1067                                        "typetext" : "<string>"
1068                                     },
1069                                     "enable" : {
1070                                        "description" : "Flag to enable/disable a rule.",
1071                                        "minimum" : 0,
1072                                        "optional" : 1,
1073                                        "type" : "integer",
1074                                        "typetext" : "<integer> (0 - N)"
1075                                     },
1076                                     "group" : {
1077                                        "description" : "Security Group name.",
1078                                        "maxLength" : 18,
1079                                        "minLength" : 2,
1080                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1081                                        "type" : "string"
1082                                     },
1083                                     "iface" : {
1084                                        "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
1085                                        "format" : "pve-iface",
1086                                        "maxLength" : 20,
1087                                        "minLength" : 2,
1088                                        "optional" : 1,
1089                                        "type" : "string",
1090                                        "typetext" : "<string>"
1091                                     },
1092                                     "macro" : {
1093                                        "description" : "Use predefined standard macro.",
1094                                        "maxLength" : 128,
1095                                        "optional" : 1,
1096                                        "type" : "string",
1097                                        "typetext" : "<string>"
1098                                     },
1099                                     "pos" : {
1100                                        "description" : "Update rule at position <pos>.",
1101                                        "minimum" : 0,
1102                                        "optional" : 1,
1103                                        "type" : "integer",
1104                                        "typetext" : "<integer> (0 - N)"
1105                                     },
1106                                     "proto" : {
1107                                        "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
1108                                        "format" : "pve-fw-protocol-spec",
1109                                        "optional" : 1,
1110                                        "type" : "string",
1111                                        "typetext" : "<string>"
1112                                     },
1113                                     "source" : {
1114                                        "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1115                                        "format" : "pve-fw-addr-spec",
1116                                        "optional" : 1,
1117                                        "type" : "string",
1118                                        "typetext" : "<string>"
1119                                     },
1120                                     "sport" : {
1121                                        "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1122                                        "format" : "pve-fw-sport-spec",
1123                                        "optional" : 1,
1124                                        "type" : "string",
1125                                        "typetext" : "<string>"
1126                                     },
1127                                     "type" : {
1128                                        "description" : "Rule type.",
1129                                        "enum" : [
1130                                           "in",
1131                                           "out",
1132                                           "group"
1133                                        ],
1134                                        "optional" : 0,
1135                                        "type" : "string"
1136                                     }
1137                                  }
1138                               },
1139                               "permissions" : {
1140                                  "check" : [
1141                                     "perm",
1142                                     "/",
1143                                     [
1144                                        "Sys.Modify"
1145                                     ]
1146                                  ]
1147                               },
1148                               "protected" : 1,
1149                               "proxyto" : null,
1150                               "returns" : {
1151                                  "type" : "null"
1152                               }
1153                            }
1154                         },
1155                         "leaf" : 0,
1156                         "path" : "/cluster/firewall/groups/{group}",
1157                         "text" : "{group}"
1158                      }
1159                   ],
1160                   "info" : {
1161                      "GET" : {
1162                         "description" : "List security groups.",
1163                         "method" : "GET",
1164                         "name" : "list_security_groups",
1165                         "parameters" : {
1166                            "additionalProperties" : 0
1167                         },
1168                         "permissions" : {
1169                            "user" : "all"
1170                         },
1171                         "returns" : {
1172                            "items" : {
1173                               "properties" : {
1174                                  "comment" : {
1175                                     "optional" : 1,
1176                                     "type" : "string"
1177                                  },
1178                                  "digest" : {
1179                                     "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1180                                     "maxLength" : 40,
1181                                     "optional" : 0,
1182                                     "type" : "string"
1183                                  },
1184                                  "group" : {
1185                                     "description" : "Security Group name.",
1186                                     "maxLength" : 18,
1187                                     "minLength" : 2,
1188                                     "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1189                                     "type" : "string"
1190                                  }
1191                               },
1192                               "type" : "object"
1193                            },
1194                            "links" : [
1195                               {
1196                                  "href" : "{group}",
1197                                  "rel" : "child"
1198                               }
1199                            ],
1200                            "type" : "array"
1201                         }
1202                      },
1203                      "POST" : {
1204                         "description" : "Create new security group.",
1205                         "method" : "POST",
1206                         "name" : "create_security_group",
1207                         "parameters" : {
1208                            "additionalProperties" : 0,
1209                            "properties" : {
1210                               "comment" : {
1211                                  "optional" : 1,
1212                                  "type" : "string",
1213                                  "typetext" : "<string>"
1214                               },
1215                               "digest" : {
1216                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1217                                  "maxLength" : 40,
1218                                  "optional" : 1,
1219                                  "type" : "string",
1220                                  "typetext" : "<string>"
1221                               },
1222                               "group" : {
1223                                  "description" : "Security Group name.",
1224                                  "maxLength" : 18,
1225                                  "minLength" : 2,
1226                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1227                                  "type" : "string"
1228                               },
1229                               "rename" : {
1230                                  "description" : "Rename/update an existing security group. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing group.",
1231                                  "maxLength" : 18,
1232                                  "minLength" : 2,
1233                                  "optional" : 1,
1234                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1235                                  "type" : "string"
1236                               }
1237                            }
1238                         },
1239                         "permissions" : {
1240                            "check" : [
1241                               "perm",
1242                               "/",
1243                               [
1244                                  "Sys.Modify"
1245                               ]
1246                            ]
1247                         },
1248                         "protected" : 1,
1249                         "returns" : {
1250                            "type" : "null"
1251                         }
1252                      }
1253                   },
1254                   "leaf" : 0,
1255                   "path" : "/cluster/firewall/groups",
1256                   "text" : "groups"
1257                },
1258                {
1259                   "children" : [
1260                      {
1261                         "info" : {
1262                            "DELETE" : {
1263                               "description" : "Delete rule.",
1264                               "method" : "DELETE",
1265                               "name" : "delete_rule",
1266                               "parameters" : {
1267                                  "additionalProperties" : 0,
1268                                  "properties" : {
1269                                     "digest" : {
1270                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1271                                        "maxLength" : 40,
1272                                        "optional" : 1,
1273                                        "type" : "string",
1274                                        "typetext" : "<string>"
1275                                     },
1276                                     "pos" : {
1277                                        "description" : "Update rule at position <pos>.",
1278                                        "minimum" : 0,
1279                                        "optional" : 1,
1280                                        "type" : "integer",
1281                                        "typetext" : "<integer> (0 - N)"
1282                                     }
1283                                  }
1284                               },
1285                               "permissions" : {
1286                                  "check" : [
1287                                     "perm",
1288                                     "/",
1289                                     [
1290                                        "Sys.Modify"
1291                                     ]
1292                                  ]
1293                               },
1294                               "protected" : 1,
1295                               "proxyto" : null,
1296                               "returns" : {
1297                                  "type" : "null"
1298                               }
1299                            },
1300                            "GET" : {
1301                               "description" : "Get single rule data.",
1302                               "method" : "GET",
1303                               "name" : "get_rule",
1304                               "parameters" : {
1305                                  "additionalProperties" : 0,
1306                                  "properties" : {
1307                                     "pos" : {
1308                                        "description" : "Update rule at position <pos>.",
1309                                        "minimum" : 0,
1310                                        "optional" : 1,
1311                                        "type" : "integer",
1312                                        "typetext" : "<integer> (0 - N)"
1313                                     }
1314                                  }
1315                               },
1316                               "permissions" : {
1317                                  "check" : [
1318                                     "perm",
1319                                     "/",
1320                                     [
1321                                        "Sys.Audit"
1322                                     ]
1323                                  ]
1324                               },
1325                               "proxyto" : null,
1326                               "returns" : {
1327                                  "properties" : {
1328                                     "pos" : {
1329                                        "type" : "integer"
1330                                     }
1331                                  },
1332                                  "type" : "object"
1333                               }
1334                            },
1335                            "PUT" : {
1336                               "description" : "Modify rule data.",
1337                               "method" : "PUT",
1338                               "name" : "update_rule",
1339                               "parameters" : {
1340                                  "additionalProperties" : 0,
1341                                  "properties" : {
1342                                     "action" : {
1343                                        "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
1344                                        "maxLength" : 20,
1345                                        "minLength" : 2,
1346                                        "optional" : 1,
1347                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1348                                        "type" : "string"
1349                                     },
1350                                     "comment" : {
1351                                        "description" : "Descriptive comment.",
1352                                        "optional" : 1,
1353                                        "type" : "string",
1354                                        "typetext" : "<string>"
1355                                     },
1356                                     "delete" : {
1357                                        "description" : "A list of settings you want to delete.",
1358                                        "format" : "pve-configid-list",
1359                                        "optional" : 1,
1360                                        "type" : "string",
1361                                        "typetext" : "<string>"
1362                                     },
1363                                     "dest" : {
1364                                        "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1365                                        "format" : "pve-fw-addr-spec",
1366                                        "optional" : 1,
1367                                        "type" : "string",
1368                                        "typetext" : "<string>"
1369                                     },
1370                                     "digest" : {
1371                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1372                                        "maxLength" : 40,
1373                                        "optional" : 1,
1374                                        "type" : "string",
1375                                        "typetext" : "<string>"
1376                                     },
1377                                     "dport" : {
1378                                        "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1379                                        "format" : "pve-fw-dport-spec",
1380                                        "optional" : 1,
1381                                        "type" : "string",
1382                                        "typetext" : "<string>"
1383                                     },
1384                                     "enable" : {
1385                                        "description" : "Flag to enable/disable a rule.",
1386                                        "minimum" : 0,
1387                                        "optional" : 1,
1388                                        "type" : "integer",
1389                                        "typetext" : "<integer> (0 - N)"
1390                                     },
1391                                     "iface" : {
1392                                        "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
1393                                        "format" : "pve-iface",
1394                                        "maxLength" : 20,
1395                                        "minLength" : 2,
1396                                        "optional" : 1,
1397                                        "type" : "string",
1398                                        "typetext" : "<string>"
1399                                     },
1400                                     "macro" : {
1401                                        "description" : "Use predefined standard macro.",
1402                                        "maxLength" : 128,
1403                                        "optional" : 1,
1404                                        "type" : "string",
1405                                        "typetext" : "<string>"
1406                                     },
1407                                     "moveto" : {
1408                                        "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
1409                                        "minimum" : 0,
1410                                        "optional" : 1,
1411                                        "type" : "integer",
1412                                        "typetext" : "<integer> (0 - N)"
1413                                     },
1414                                     "pos" : {
1415                                        "description" : "Update rule at position <pos>.",
1416                                        "minimum" : 0,
1417                                        "optional" : 1,
1418                                        "type" : "integer",
1419                                        "typetext" : "<integer> (0 - N)"
1420                                     },
1421                                     "proto" : {
1422                                        "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
1423                                        "format" : "pve-fw-protocol-spec",
1424                                        "optional" : 1,
1425                                        "type" : "string",
1426                                        "typetext" : "<string>"
1427                                     },
1428                                     "source" : {
1429                                        "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1430                                        "format" : "pve-fw-addr-spec",
1431                                        "optional" : 1,
1432                                        "type" : "string",
1433                                        "typetext" : "<string>"
1434                                     },
1435                                     "sport" : {
1436                                        "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1437                                        "format" : "pve-fw-sport-spec",
1438                                        "optional" : 1,
1439                                        "type" : "string",
1440                                        "typetext" : "<string>"
1441                                     },
1442                                     "type" : {
1443                                        "description" : "Rule type.",
1444                                        "enum" : [
1445                                           "in",
1446                                           "out",
1447                                           "group"
1448                                        ],
1449                                        "optional" : 1,
1450                                        "type" : "string"
1451                                     }
1452                                  }
1453                               },
1454                               "permissions" : {
1455                                  "check" : [
1456                                     "perm",
1457                                     "/",
1458                                     [
1459                                        "Sys.Modify"
1460                                     ]
1461                                  ]
1462                               },
1463                               "protected" : 1,
1464                               "proxyto" : null,
1465                               "returns" : {
1466                                  "type" : "null"
1467                               }
1468                            }
1469                         },
1470                         "leaf" : 1,
1471                         "path" : "/cluster/firewall/rules/{pos}",
1472                         "text" : "{pos}"
1473                      }
1474                   ],
1475                   "info" : {
1476                      "GET" : {
1477                         "description" : "List rules.",
1478                         "method" : "GET",
1479                         "name" : "get_rules",
1480                         "parameters" : {
1481                            "additionalProperties" : 0
1482                         },
1483                         "permissions" : {
1484                            "check" : [
1485                               "perm",
1486                               "/",
1487                               [
1488                                  "Sys.Audit"
1489                               ]
1490                            ]
1491                         },
1492                         "proxyto" : null,
1493                         "returns" : {
1494                            "items" : {
1495                               "properties" : {
1496                                  "pos" : {
1497                                     "type" : "integer"
1498                                  }
1499                               },
1500                               "type" : "object"
1501                            },
1502                            "links" : [
1503                               {
1504                                  "href" : "{pos}",
1505                                  "rel" : "child"
1506                               }
1507                            ],
1508                            "type" : "array"
1509                         }
1510                      },
1511                      "POST" : {
1512                         "description" : "Create new rule.",
1513                         "method" : "POST",
1514                         "name" : "create_rule",
1515                         "parameters" : {
1516                            "additionalProperties" : 0,
1517                            "properties" : {
1518                               "action" : {
1519                                  "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
1520                                  "maxLength" : 20,
1521                                  "minLength" : 2,
1522                                  "optional" : 0,
1523                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1524                                  "type" : "string"
1525                               },
1526                               "comment" : {
1527                                  "description" : "Descriptive comment.",
1528                                  "optional" : 1,
1529                                  "type" : "string",
1530                                  "typetext" : "<string>"
1531                               },
1532                               "dest" : {
1533                                  "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1534                                  "format" : "pve-fw-addr-spec",
1535                                  "optional" : 1,
1536                                  "type" : "string",
1537                                  "typetext" : "<string>"
1538                               },
1539                               "digest" : {
1540                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1541                                  "maxLength" : 40,
1542                                  "optional" : 1,
1543                                  "type" : "string",
1544                                  "typetext" : "<string>"
1545                               },
1546                               "dport" : {
1547                                  "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1548                                  "format" : "pve-fw-dport-spec",
1549                                  "optional" : 1,
1550                                  "type" : "string",
1551                                  "typetext" : "<string>"
1552                               },
1553                               "enable" : {
1554                                  "description" : "Flag to enable/disable a rule.",
1555                                  "minimum" : 0,
1556                                  "optional" : 1,
1557                                  "type" : "integer",
1558                                  "typetext" : "<integer> (0 - N)"
1559                               },
1560                               "iface" : {
1561                                  "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
1562                                  "format" : "pve-iface",
1563                                  "maxLength" : 20,
1564                                  "minLength" : 2,
1565                                  "optional" : 1,
1566                                  "type" : "string",
1567                                  "typetext" : "<string>"
1568                               },
1569                               "macro" : {
1570                                  "description" : "Use predefined standard macro.",
1571                                  "maxLength" : 128,
1572                                  "optional" : 1,
1573                                  "type" : "string",
1574                                  "typetext" : "<string>"
1575                               },
1576                               "pos" : {
1577                                  "description" : "Update rule at position <pos>.",
1578                                  "minimum" : 0,
1579                                  "optional" : 1,
1580                                  "type" : "integer",
1581                                  "typetext" : "<integer> (0 - N)"
1582                               },
1583                               "proto" : {
1584                                  "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
1585                                  "format" : "pve-fw-protocol-spec",
1586                                  "optional" : 1,
1587                                  "type" : "string",
1588                                  "typetext" : "<string>"
1589                               },
1590                               "source" : {
1591                                  "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1592                                  "format" : "pve-fw-addr-spec",
1593                                  "optional" : 1,
1594                                  "type" : "string",
1595                                  "typetext" : "<string>"
1596                               },
1597                               "sport" : {
1598                                  "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1599                                  "format" : "pve-fw-sport-spec",
1600                                  "optional" : 1,
1601                                  "type" : "string",
1602                                  "typetext" : "<string>"
1603                               },
1604                               "type" : {
1605                                  "description" : "Rule type.",
1606                                  "enum" : [
1607                                     "in",
1608                                     "out",
1609                                     "group"
1610                                  ],
1611                                  "optional" : 0,
1612                                  "type" : "string"
1613                               }
1614                            }
1615                         },
1616                         "permissions" : {
1617                            "check" : [
1618                               "perm",
1619                               "/",
1620                               [
1621                                  "Sys.Modify"
1622                               ]
1623                            ]
1624                         },
1625                         "protected" : 1,
1626                         "proxyto" : null,
1627                         "returns" : {
1628                            "type" : "null"
1629                         }
1630                      }
1631                   },
1632                   "leaf" : 0,
1633                   "path" : "/cluster/firewall/rules",
1634                   "text" : "rules"
1635                },
1636                {
1637                   "children" : [
1638                      {
1639                         "children" : [
1640                            {
1641                               "info" : {
1642                                  "DELETE" : {
1643                                     "description" : "Remove IP or Network from IPSet.",
1644                                     "method" : "DELETE",
1645                                     "name" : "remove_ip",
1646                                     "parameters" : {
1647                                        "additionalProperties" : 0,
1648                                        "properties" : {
1649                                           "cidr" : {
1650                                              "description" : "Network/IP specification in CIDR format.",
1651                                              "format" : "IPorCIDRorAlias",
1652                                              "type" : "string",
1653                                              "typetext" : "<string>"
1654                                           },
1655                                           "digest" : {
1656                                              "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1657                                              "maxLength" : 40,
1658                                              "optional" : 1,
1659                                              "type" : "string",
1660                                              "typetext" : "<string>"
1661                                           },
1662                                           "name" : {
1663                                              "description" : "IP set name.",
1664                                              "maxLength" : 64,
1665                                              "minLength" : 2,
1666                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1667                                              "type" : "string"
1668                                           }
1669                                        }
1670                                     },
1671                                     "permissions" : {
1672                                        "check" : [
1673                                           "perm",
1674                                           "/",
1675                                           [
1676                                              "Sys.Modify"
1677                                           ]
1678                                        ]
1679                                     },
1680                                     "protected" : 1,
1681                                     "returns" : {
1682                                        "type" : "null"
1683                                     }
1684                                  },
1685                                  "GET" : {
1686                                     "description" : "Read IP or Network settings from IPSet.",
1687                                     "method" : "GET",
1688                                     "name" : "read_ip",
1689                                     "parameters" : {
1690                                        "additionalProperties" : 0,
1691                                        "properties" : {
1692                                           "cidr" : {
1693                                              "description" : "Network/IP specification in CIDR format.",
1694                                              "format" : "IPorCIDRorAlias",
1695                                              "type" : "string",
1696                                              "typetext" : "<string>"
1697                                           },
1698                                           "name" : {
1699                                              "description" : "IP set name.",
1700                                              "maxLength" : 64,
1701                                              "minLength" : 2,
1702                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1703                                              "type" : "string"
1704                                           }
1705                                        }
1706                                     },
1707                                     "permissions" : {
1708                                        "check" : [
1709                                           "perm",
1710                                           "/",
1711                                           [
1712                                              "Sys.Audit"
1713                                           ]
1714                                        ]
1715                                     },
1716                                     "protected" : 1,
1717                                     "returns" : {
1718                                        "type" : "object"
1719                                     }
1720                                  },
1721                                  "PUT" : {
1722                                     "description" : "Update IP or Network settings",
1723                                     "method" : "PUT",
1724                                     "name" : "update_ip",
1725                                     "parameters" : {
1726                                        "additionalProperties" : 0,
1727                                        "properties" : {
1728                                           "cidr" : {
1729                                              "description" : "Network/IP specification in CIDR format.",
1730                                              "format" : "IPorCIDRorAlias",
1731                                              "type" : "string",
1732                                              "typetext" : "<string>"
1733                                           },
1734                                           "comment" : {
1735                                              "optional" : 1,
1736                                              "type" : "string",
1737                                              "typetext" : "<string>"
1738                                           },
1739                                           "digest" : {
1740                                              "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1741                                              "maxLength" : 40,
1742                                              "optional" : 1,
1743                                              "type" : "string",
1744                                              "typetext" : "<string>"
1745                                           },
1746                                           "name" : {
1747                                              "description" : "IP set name.",
1748                                              "maxLength" : 64,
1749                                              "minLength" : 2,
1750                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1751                                              "type" : "string"
1752                                           },
1753                                           "nomatch" : {
1754                                              "optional" : 1,
1755                                              "type" : "boolean",
1756                                              "typetext" : "<boolean>"
1757                                           }
1758                                        }
1759                                     },
1760                                     "permissions" : {
1761                                        "check" : [
1762                                           "perm",
1763                                           "/",
1764                                           [
1765                                              "Sys.Modify"
1766                                           ]
1767                                        ]
1768                                     },
1769                                     "protected" : 1,
1770                                     "returns" : {
1771                                        "type" : "null"
1772                                     }
1773                                  }
1774                               },
1775                               "leaf" : 1,
1776                               "path" : "/cluster/firewall/ipset/{name}/{cidr}",
1777                               "text" : "{cidr}"
1778                            }
1779                         ],
1780                         "info" : {
1781                            "DELETE" : {
1782                               "description" : "Delete IPSet",
1783                               "method" : "DELETE",
1784                               "name" : "delete_ipset",
1785                               "parameters" : {
1786                                  "additionalProperties" : 0,
1787                                  "properties" : {
1788                                     "name" : {
1789                                        "description" : "IP set name.",
1790                                        "maxLength" : 64,
1791                                        "minLength" : 2,
1792                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1793                                        "type" : "string"
1794                                     }
1795                                  }
1796                               },
1797                               "permissions" : {
1798                                  "check" : [
1799                                     "perm",
1800                                     "/",
1801                                     [
1802                                        "Sys.Modify"
1803                                     ]
1804                                  ]
1805                               },
1806                               "protected" : 1,
1807                               "returns" : {
1808                                  "type" : "null"
1809                               }
1810                            },
1811                            "GET" : {
1812                               "description" : "List IPSet content",
1813                               "method" : "GET",
1814                               "name" : "get_ipset",
1815                               "parameters" : {
1816                                  "additionalProperties" : 0,
1817                                  "properties" : {
1818                                     "name" : {
1819                                        "description" : "IP set name.",
1820                                        "maxLength" : 64,
1821                                        "minLength" : 2,
1822                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1823                                        "type" : "string"
1824                                     }
1825                                  }
1826                               },
1827                               "permissions" : {
1828                                  "check" : [
1829                                     "perm",
1830                                     "/",
1831                                     [
1832                                        "Sys.Audit"
1833                                     ]
1834                                  ]
1835                               },
1836                               "returns" : {
1837                                  "items" : {
1838                                     "properties" : {
1839                                        "cidr" : {
1840                                           "type" : "string"
1841                                        },
1842                                        "comment" : {
1843                                           "optional" : 1,
1844                                           "type" : "string"
1845                                        },
1846                                        "digest" : {
1847                                           "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1848                                           "maxLength" : 40,
1849                                           "optional" : 0,
1850                                           "type" : "string"
1851                                        },
1852                                        "nomatch" : {
1853                                           "optional" : 1,
1854                                           "type" : "boolean"
1855                                        }
1856                                     },
1857                                     "type" : "object"
1858                                  },
1859                                  "links" : [
1860                                     {
1861                                        "href" : "{cidr}",
1862                                        "rel" : "child"
1863                                     }
1864                                  ],
1865                                  "type" : "array"
1866                               }
1867                            },
1868                            "POST" : {
1869                               "description" : "Add IP or Network to IPSet.",
1870                               "method" : "POST",
1871                               "name" : "create_ip",
1872                               "parameters" : {
1873                                  "additionalProperties" : 0,
1874                                  "properties" : {
1875                                     "cidr" : {
1876                                        "description" : "Network/IP specification in CIDR format.",
1877                                        "format" : "IPorCIDRorAlias",
1878                                        "type" : "string",
1879                                        "typetext" : "<string>"
1880                                     },
1881                                     "comment" : {
1882                                        "optional" : 1,
1883                                        "type" : "string",
1884                                        "typetext" : "<string>"
1885                                     },
1886                                     "name" : {
1887                                        "description" : "IP set name.",
1888                                        "maxLength" : 64,
1889                                        "minLength" : 2,
1890                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1891                                        "type" : "string"
1892                                     },
1893                                     "nomatch" : {
1894                                        "optional" : 1,
1895                                        "type" : "boolean",
1896                                        "typetext" : "<boolean>"
1897                                     }
1898                                  }
1899                               },
1900                               "permissions" : {
1901                                  "check" : [
1902                                     "perm",
1903                                     "/",
1904                                     [
1905                                        "Sys.Modify"
1906                                     ]
1907                                  ]
1908                               },
1909                               "protected" : 1,
1910                               "returns" : {
1911                                  "type" : "null"
1912                               }
1913                            }
1914                         },
1915                         "leaf" : 0,
1916                         "path" : "/cluster/firewall/ipset/{name}",
1917                         "text" : "{name}"
1918                      }
1919                   ],
1920                   "info" : {
1921                      "GET" : {
1922                         "description" : "List IPSets",
1923                         "method" : "GET",
1924                         "name" : "ipset_index",
1925                         "parameters" : {
1926                            "additionalProperties" : 0
1927                         },
1928                         "permissions" : {
1929                            "check" : [
1930                               "perm",
1931                               "/",
1932                               [
1933                                  "Sys.Audit"
1934                               ]
1935                            ]
1936                         },
1937                         "returns" : {
1938                            "items" : {
1939                               "properties" : {
1940                                  "comment" : {
1941                                     "optional" : 1,
1942                                     "type" : "string"
1943                                  },
1944                                  "digest" : {
1945                                     "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1946                                     "maxLength" : 40,
1947                                     "optional" : 0,
1948                                     "type" : "string"
1949                                  },
1950                                  "name" : {
1951                                     "description" : "IP set name.",
1952                                     "maxLength" : 64,
1953                                     "minLength" : 2,
1954                                     "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1955                                     "type" : "string"
1956                                  }
1957                               },
1958                               "type" : "object"
1959                            },
1960                            "links" : [
1961                               {
1962                                  "href" : "{name}",
1963                                  "rel" : "child"
1964                               }
1965                            ],
1966                            "type" : "array"
1967                         }
1968                      },
1969                      "POST" : {
1970                         "description" : "Create new IPSet",
1971                         "method" : "POST",
1972                         "name" : "create_ipset",
1973                         "parameters" : {
1974                            "additionalProperties" : 0,
1975                            "properties" : {
1976                               "comment" : {
1977                                  "optional" : 1,
1978                                  "type" : "string",
1979                                  "typetext" : "<string>"
1980                               },
1981                               "digest" : {
1982                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1983                                  "maxLength" : 40,
1984                                  "optional" : 1,
1985                                  "type" : "string",
1986                                  "typetext" : "<string>"
1987                               },
1988                               "name" : {
1989                                  "description" : "IP set name.",
1990                                  "maxLength" : 64,
1991                                  "minLength" : 2,
1992                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1993                                  "type" : "string"
1994                               },
1995                               "rename" : {
1996                                  "description" : "Rename an existing IPSet. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing IPSet.",
1997                                  "maxLength" : 64,
1998                                  "minLength" : 2,
1999                                  "optional" : 1,
2000                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2001                                  "type" : "string"
2002                               }
2003                            }
2004                         },
2005                         "permissions" : {
2006                            "check" : [
2007                               "perm",
2008                               "/",
2009                               [
2010                                  "Sys.Modify"
2011                               ]
2012                            ]
2013                         },
2014                         "protected" : 1,
2015                         "returns" : {
2016                            "type" : "null"
2017                         }
2018                      }
2019                   },
2020                   "leaf" : 0,
2021                   "path" : "/cluster/firewall/ipset",
2022                   "text" : "ipset"
2023                },
2024                {
2025                   "children" : [
2026                      {
2027                         "info" : {
2028                            "DELETE" : {
2029                               "description" : "Remove IP or Network alias.",
2030                               "method" : "DELETE",
2031                               "name" : "remove_alias",
2032                               "parameters" : {
2033                                  "additionalProperties" : 0,
2034                                  "properties" : {
2035                                     "digest" : {
2036                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2037                                        "maxLength" : 40,
2038                                        "optional" : 1,
2039                                        "type" : "string",
2040                                        "typetext" : "<string>"
2041                                     },
2042                                     "name" : {
2043                                        "description" : "Alias name.",
2044                                        "maxLength" : 64,
2045                                        "minLength" : 2,
2046                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2047                                        "type" : "string"
2048                                     }
2049                                  }
2050                               },
2051                               "permissions" : {
2052                                  "check" : [
2053                                     "perm",
2054                                     "/",
2055                                     [
2056                                        "Sys.Modify"
2057                                     ]
2058                                  ]
2059                               },
2060                               "protected" : 1,
2061                               "returns" : {
2062                                  "type" : "null"
2063                               }
2064                            },
2065                            "GET" : {
2066                               "description" : "Read alias.",
2067                               "method" : "GET",
2068                               "name" : "read_alias",
2069                               "parameters" : {
2070                                  "additionalProperties" : 0,
2071                                  "properties" : {
2072                                     "name" : {
2073                                        "description" : "Alias name.",
2074                                        "maxLength" : 64,
2075                                        "minLength" : 2,
2076                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2077                                        "type" : "string"
2078                                     }
2079                                  }
2080                               },
2081                               "permissions" : {
2082                                  "check" : [
2083                                     "perm",
2084                                     "/",
2085                                     [
2086                                        "Sys.Audit"
2087                                     ]
2088                                  ]
2089                               },
2090                               "returns" : {
2091                                  "type" : "object"
2092                               }
2093                            },
2094                            "PUT" : {
2095                               "description" : "Update IP or Network alias.",
2096                               "method" : "PUT",
2097                               "name" : "update_alias",
2098                               "parameters" : {
2099                                  "additionalProperties" : 0,
2100                                  "properties" : {
2101                                     "cidr" : {
2102                                        "description" : "Network/IP specification in CIDR format.",
2103                                        "format" : "IPorCIDR",
2104                                        "type" : "string",
2105                                        "typetext" : "<string>"
2106                                     },
2107                                     "comment" : {
2108                                        "optional" : 1,
2109                                        "type" : "string",
2110                                        "typetext" : "<string>"
2111                                     },
2112                                     "digest" : {
2113                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2114                                        "maxLength" : 40,
2115                                        "optional" : 1,
2116                                        "type" : "string",
2117                                        "typetext" : "<string>"
2118                                     },
2119                                     "name" : {
2120                                        "description" : "Alias name.",
2121                                        "maxLength" : 64,
2122                                        "minLength" : 2,
2123                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2124                                        "type" : "string"
2125                                     },
2126                                     "rename" : {
2127                                        "description" : "Rename an existing alias.",
2128                                        "maxLength" : 64,
2129                                        "minLength" : 2,
2130                                        "optional" : 1,
2131                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2132                                        "type" : "string"
2133                                     }
2134                                  }
2135                               },
2136                               "permissions" : {
2137                                  "check" : [
2138                                     "perm",
2139                                     "/",
2140                                     [
2141                                        "Sys.Modify"
2142                                     ]
2143                                  ]
2144                               },
2145                               "protected" : 1,
2146                               "returns" : {
2147                                  "type" : "null"
2148                               }
2149                            }
2150                         },
2151                         "leaf" : 1,
2152                         "path" : "/cluster/firewall/aliases/{name}",
2153                         "text" : "{name}"
2154                      }
2155                   ],
2156                   "info" : {
2157                      "GET" : {
2158                         "description" : "List aliases",
2159                         "method" : "GET",
2160                         "name" : "get_aliases",
2161                         "parameters" : {
2162                            "additionalProperties" : 0
2163                         },
2164                         "permissions" : {
2165                            "check" : [
2166                               "perm",
2167                               "/",
2168                               [
2169                                  "Sys.Audit"
2170                               ]
2171                            ]
2172                         },
2173                         "returns" : {
2174                            "items" : {
2175                               "properties" : {
2176                                  "cidr" : {
2177                                     "type" : "string"
2178                                  },
2179                                  "comment" : {
2180                                     "optional" : 1,
2181                                     "type" : "string"
2182                                  },
2183                                  "digest" : {
2184                                     "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2185                                     "maxLength" : 40,
2186                                     "optional" : 0,
2187                                     "type" : "string"
2188                                  },
2189                                  "name" : {
2190                                     "type" : "string"
2191                                  }
2192                               },
2193                               "type" : "object"
2194                            },
2195                            "links" : [
2196                               {
2197                                  "href" : "{name}",
2198                                  "rel" : "child"
2199                               }
2200                            ],
2201                            "type" : "array"
2202                         }
2203                      },
2204                      "POST" : {
2205                         "description" : "Create IP or Network Alias.",
2206                         "method" : "POST",
2207                         "name" : "create_alias",
2208                         "parameters" : {
2209                            "additionalProperties" : 0,
2210                            "properties" : {
2211                               "cidr" : {
2212                                  "description" : "Network/IP specification in CIDR format.",
2213                                  "format" : "IPorCIDR",
2214                                  "type" : "string",
2215                                  "typetext" : "<string>"
2216                               },
2217                               "comment" : {
2218                                  "optional" : 1,
2219                                  "type" : "string",
2220                                  "typetext" : "<string>"
2221                               },
2222                               "name" : {
2223                                  "description" : "Alias name.",
2224                                  "maxLength" : 64,
2225                                  "minLength" : 2,
2226                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2227                                  "type" : "string"
2228                               }
2229                            }
2230                         },
2231                         "permissions" : {
2232                            "check" : [
2233                               "perm",
2234                               "/",
2235                               [
2236                                  "Sys.Modify"
2237                               ]
2238                            ]
2239                         },
2240                         "protected" : 1,
2241                         "returns" : {
2242                            "type" : "null"
2243                         }
2244                      }
2245                   },
2246                   "leaf" : 0,
2247                   "path" : "/cluster/firewall/aliases",
2248                   "text" : "aliases"
2249                },
2250                {
2251                   "info" : {
2252                      "GET" : {
2253                         "description" : "Get Firewall options.",
2254                         "method" : "GET",
2255                         "name" : "get_options",
2256                         "parameters" : {
2257                            "additionalProperties" : 0
2258                         },
2259                         "permissions" : {
2260                            "check" : [
2261                               "perm",
2262                               "/",
2263                               [
2264                                  "Sys.Audit"
2265                               ]
2266                            ]
2267                         },
2268                         "returns" : {
2269                            "properties" : {
2270                               "enable" : {
2271                                  "description" : "Enable or disable the firewall cluster wide.",
2272                                  "minimum" : 0,
2273                                  "optional" : 1,
2274                                  "type" : "integer"
2275                               },
2276                               "policy_in" : {
2277                                  "description" : "Input policy.",
2278                                  "enum" : [
2279                                     "ACCEPT",
2280                                     "REJECT",
2281                                     "DROP"
2282                                  ],
2283                                  "optional" : 1,
2284                                  "type" : "string"
2285                               },
2286                               "policy_out" : {
2287                                  "description" : "Output policy.",
2288                                  "enum" : [
2289                                     "ACCEPT",
2290                                     "REJECT",
2291                                     "DROP"
2292                                  ],
2293                                  "optional" : 1,
2294                                  "type" : "string"
2295                               }
2296                            },
2297                            "type" : "object"
2298                         }
2299                      },
2300                      "PUT" : {
2301                         "description" : "Set Firewall options.",
2302                         "method" : "PUT",
2303                         "name" : "set_options",
2304                         "parameters" : {
2305                            "additionalProperties" : 0,
2306                            "properties" : {
2307                               "delete" : {
2308                                  "description" : "A list of settings you want to delete.",
2309                                  "format" : "pve-configid-list",
2310                                  "optional" : 1,
2311                                  "type" : "string",
2312                                  "typetext" : "<string>"
2313                               },
2314                               "digest" : {
2315                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2316                                  "maxLength" : 40,
2317                                  "optional" : 1,
2318                                  "type" : "string",
2319                                  "typetext" : "<string>"
2320                               },
2321                               "enable" : {
2322                                  "description" : "Enable or disable the firewall cluster wide.",
2323                                  "minimum" : 0,
2324                                  "optional" : 1,
2325                                  "type" : "integer",
2326                                  "typetext" : "<integer> (0 - N)"
2327                               },
2328                               "policy_in" : {
2329                                  "description" : "Input policy.",
2330                                  "enum" : [
2331                                     "ACCEPT",
2332                                     "REJECT",
2333                                     "DROP"
2334                                  ],
2335                                  "optional" : 1,
2336                                  "type" : "string"
2337          &n