b3a21f3f616f24af468a9ef10c4ed43928dac510
[pve-docs.git] / api-viewer / apidata.js
1 var pveapi = [
2    {
3       "children" : [
4          {
5             "children" : [
6                {
7                   "info" : {
8                      "DELETE" : {
9                         "description" : "Mark replication job for removal.",
10                         "method" : "DELETE",
11                         "name" : "delete",
12                         "parameters" : {
13                            "additionalProperties" : 0,
14                            "properties" : {
15                               "force" : {
16                                  "default" : 0,
17                                  "description" : "Will remove the jobconfig entry, but will not cleanup.",
18                                  "optional" : 1,
19                                  "type" : "boolean",
20                                  "typetext" : "<boolean>"
21                               },
22                               "id" : {
23                                  "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
24                                  "format" : "pve-replication-job-id",
25                                  "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
26                                  "type" : "string"
27                               },
28                               "keep" : {
29                                  "default" : 0,
30                                  "description" : "Keep replicated data at target (do not remove).",
31                                  "optional" : 1,
32                                  "type" : "boolean",
33                                  "typetext" : "<boolean>"
34                               }
35                            }
36                         },
37                         "permissions" : {
38                            "check" : [
39                               "perm",
40                               "/storage",
41                               [
42                                  "Datastore.Allocate"
43                               ]
44                            ]
45                         },
46                         "protected" : 1,
47                         "returns" : {
48                            "type" : "null"
49                         }
50                      },
51                      "GET" : {
52                         "description" : "Read replication job configuration.",
53                         "method" : "GET",
54                         "name" : "read",
55                         "parameters" : {
56                            "additionalProperties" : 0,
57                            "properties" : {
58                               "id" : {
59                                  "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
60                                  "format" : "pve-replication-job-id",
61                                  "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
62                                  "type" : "string"
63                               }
64                            }
65                         },
66                         "permissions" : {
67                            "description" : "Requires the VM.Audit permission on /vms/<vmid>.",
68                            "user" : "all"
69                         },
70                         "returns" : {
71                            "type" : "object"
72                         }
73                      },
74                      "PUT" : {
75                         "description" : "Update replication job configuration.",
76                         "method" : "PUT",
77                         "name" : "update",
78                         "parameters" : {
79                            "additionalProperties" : 0,
80                            "properties" : {
81                               "comment" : {
82                                  "description" : "Description.",
83                                  "maxLength" : 4096,
84                                  "optional" : 1,
85                                  "type" : "string",
86                                  "typetext" : "<string>"
87                               },
88                               "delete" : {
89                                  "description" : "A list of settings you want to delete.",
90                                  "format" : "pve-configid-list",
91                                  "maxLength" : 4096,
92                                  "optional" : 1,
93                                  "type" : "string",
94                                  "typetext" : "<string>"
95                               },
96                               "digest" : {
97                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
98                                  "maxLength" : 40,
99                                  "optional" : 1,
100                                  "type" : "string",
101                                  "typetext" : "<string>"
102                               },
103                               "disable" : {
104                                  "description" : "Flag to disable/deactivate the entry.",
105                                  "optional" : 1,
106                                  "type" : "boolean",
107                                  "typetext" : "<boolean>"
108                               },
109                               "id" : {
110                                  "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
111                                  "format" : "pve-replication-job-id",
112                                  "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
113                                  "type" : "string"
114                               },
115                               "rate" : {
116                                  "description" : "Rate limit in mbps (megabytes per second) as floating point number.",
117                                  "minimum" : 1,
118                                  "optional" : 1,
119                                  "type" : "number",
120                                  "typetext" : "<number> (1 - N)"
121                               },
122                               "remove_job" : {
123                                  "description" : "Mark the replication job for removal. The job will remove all local replication snapshots. When set to 'full', it also tries to remove replicated volumes on the target. The job then removes itself from the configuration file.",
124                                  "enum" : [
125                                     "local",
126                                     "full"
127                                  ],
128                                  "optional" : 1,
129                                  "type" : "string"
130                               },
131                               "schedule" : {
132                                  "default" : "*/15",
133                                  "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
134                                  "format" : "pve-calendar-event",
135                                  "maxLength" : 128,
136                                  "optional" : 1,
137                                  "type" : "string",
138                                  "typetext" : "<string>"
139                               },
140                               "source" : {
141                                  "description" : "Source of the replication.",
142                                  "format" : "pve-node",
143                                  "optional" : 1,
144                                  "type" : "string",
145                                  "typetext" : "<string>"
146                               }
147                            },
148                            "type" : "object"
149                         },
150                         "permissions" : {
151                            "check" : [
152                               "perm",
153                               "/storage",
154                               [
155                                  "Datastore.Allocate"
156                               ]
157                            ]
158                         },
159                         "protected" : 1,
160                         "returns" : {
161                            "type" : "null"
162                         }
163                      }
164                   },
165                   "leaf" : 1,
166                   "path" : "/cluster/replication/{id}",
167                   "text" : "{id}"
168                }
169             ],
170             "info" : {
171                "GET" : {
172                   "description" : "List replication jobs.",
173                   "method" : "GET",
174                   "name" : "index",
175                   "parameters" : {
176                      "additionalProperties" : 0
177                   },
178                   "permissions" : {
179                      "description" : "Requires the VM.Audit permission on /vms/<vmid>.",
180                      "user" : "all"
181                   },
182                   "returns" : {
183                      "items" : {
184                         "properties" : {},
185                         "type" : "object"
186                      },
187                      "links" : [
188                         {
189                            "href" : "{id}",
190                            "rel" : "child"
191                         }
192                      ],
193                      "type" : "array"
194                   }
195                },
196                "POST" : {
197                   "description" : "Create a new replication job",
198                   "method" : "POST",
199                   "name" : "create",
200                   "parameters" : {
201                      "additionalProperties" : 0,
202                      "properties" : {
203                         "comment" : {
204                            "description" : "Description.",
205                            "maxLength" : 4096,
206                            "optional" : 1,
207                            "type" : "string",
208                            "typetext" : "<string>"
209                         },
210                         "disable" : {
211                            "description" : "Flag to disable/deactivate the entry.",
212                            "optional" : 1,
213                            "type" : "boolean",
214                            "typetext" : "<boolean>"
215                         },
216                         "id" : {
217                            "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
218                            "format" : "pve-replication-job-id",
219                            "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
220                            "type" : "string"
221                         },
222                         "rate" : {
223                            "description" : "Rate limit in mbps (megabytes per second) as floating point number.",
224                            "minimum" : 1,
225                            "optional" : 1,
226                            "type" : "number",
227                            "typetext" : "<number> (1 - N)"
228                         },
229                         "remove_job" : {
230                            "description" : "Mark the replication job for removal. The job will remove all local replication snapshots. When set to 'full', it also tries to remove replicated volumes on the target. The job then removes itself from the configuration file.",
231                            "enum" : [
232                               "local",
233                               "full"
234                            ],
235                            "optional" : 1,
236                            "type" : "string"
237                         },
238                         "schedule" : {
239                            "default" : "*/15",
240                            "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
241                            "format" : "pve-calendar-event",
242                            "maxLength" : 128,
243                            "optional" : 1,
244                            "type" : "string",
245                            "typetext" : "<string>"
246                         },
247                         "source" : {
248                            "description" : "Source of the replication.",
249                            "format" : "pve-node",
250                            "optional" : 1,
251                            "type" : "string",
252                            "typetext" : "<string>"
253                         },
254                         "target" : {
255                            "description" : "Target node.",
256                            "format" : "pve-node",
257                            "optional" : 0,
258                            "type" : "string",
259                            "typetext" : "<string>"
260                         },
261                         "type" : {
262                            "description" : "Section type.",
263                            "enum" : [
264                               "local"
265                            ],
266                            "type" : "string"
267                         }
268                      },
269                      "type" : "object"
270                   },
271                   "permissions" : {
272                      "check" : [
273                         "perm",
274                         "/storage",
275                         [
276                            "Datastore.Allocate"
277                         ]
278                      ]
279                   },
280                   "protected" : 1,
281                   "returns" : {
282                      "type" : "null"
283                   }
284                }
285             },
286             "leaf" : 0,
287             "path" : "/cluster/replication",
288             "text" : "replication"
289          },
290          {
291             "children" : [
292                {
293                   "children" : [
294                      {
295                         "info" : {
296                            "DELETE" : {
297                               "description" : "Removes a node from the cluster configuration.",
298                               "method" : "DELETE",
299                               "name" : "delnode",
300                               "parameters" : {
301                                  "additionalProperties" : 0,
302                                  "properties" : {
303                                     "node" : {
304                                        "description" : "The cluster node name.",
305                                        "format" : "pve-node",
306                                        "type" : "string",
307                                        "typetext" : "<string>"
308                                     }
309                                  }
310                               },
311                               "protected" : 1,
312                               "returns" : {
313                                  "type" : "null"
314                               }
315                            },
316                            "POST" : {
317                               "description" : "Adds a node to the cluster configuration. This call is for internal use.",
318                               "method" : "POST",
319                               "name" : "addnode",
320                               "parameters" : {
321                                  "additionalProperties" : 0,
322                                  "properties" : {
323                                     "force" : {
324                                        "description" : "Do not throw error if node already exists.",
325                                        "optional" : 1,
326                                        "type" : "boolean",
327                                        "typetext" : "<boolean>"
328                                     },
329                                     "node" : {
330                                        "description" : "The cluster node name.",
331                                        "format" : "pve-node",
332                                        "type" : "string",
333                                        "typetext" : "<string>"
334                                     },
335                                     "nodeid" : {
336                                        "description" : "Node id for this node.",
337                                        "minimum" : 1,
338                                        "optional" : 1,
339                                        "type" : "integer",
340                                        "typetext" : "<integer> (1 - N)"
341                                     },
342                                     "ring0_addr" : {
343                                        "default" : "Hostname of the node",
344                                        "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
345                                        "format" : "address",
346                                        "optional" : 1,
347                                        "type" : "string",
348                                        "typetext" : "<string>"
349                                     },
350                                     "ring1_addr" : {
351                                        "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
352                                        "format" : "address",
353                                        "optional" : 1,
354                                        "type" : "string",
355                                        "typetext" : "<string>"
356                                     },
357                                     "votes" : {
358                                        "description" : "Number of votes for this node",
359                                        "minimum" : 0,
360                                        "optional" : 1,
361                                        "type" : "integer",
362                                        "typetext" : "<integer> (0 - N)"
363                                     }
364                                  }
365                               },
366                               "protected" : 1,
367                               "returns" : {
368                                  "properties" : {
369                                     "corosync_authkey" : {
370                                        "type" : "string"
371                                     },
372                                     "corosync_conf" : {
373                                        "type" : "string"
374                                     }
375                                  },
376                                  "type" : "object"
377                               }
378                            }
379                         },
380                         "leaf" : 1,
381                         "path" : "/cluster/config/nodes/{node}",
382                         "text" : "{node}"
383                      }
384                   ],
385                   "info" : {
386                      "GET" : {
387                         "description" : "Corosync node list.",
388                         "method" : "GET",
389                         "name" : "nodes",
390                         "parameters" : {
391                            "additionalProperties" : 0
392                         },
393                         "permissions" : {
394                            "check" : [
395                               "perm",
396                               "/",
397                               [
398                                  "Sys.Audit"
399                               ]
400                            ]
401                         },
402                         "returns" : {
403                            "items" : {
404                               "properties" : {
405                                  "node" : {
406                                     "type" : "string"
407                                  }
408                               },
409                               "type" : "object"
410                            },
411                            "links" : [
412                               {
413                                  "href" : "{node}",
414                                  "rel" : "child"
415                               }
416                            ],
417                            "type" : "array"
418                         }
419                      }
420                   },
421                   "leaf" : 0,
422                   "path" : "/cluster/config/nodes",
423                   "text" : "nodes"
424                },
425                {
426                   "info" : {
427                      "GET" : {
428                         "description" : "Get information needed to join this cluster over the connected node.",
429                         "method" : "GET",
430                         "name" : "join_info",
431                         "parameters" : {
432                            "additionalProperties" : 0,
433                            "properties" : {
434                               "node" : {
435                                  "default" : "current connected node",
436                                  "description" : "The node for which the joinee gets the nodeinfo. ",
437                                  "format" : "pve-node",
438                                  "optional" : 1,
439                                  "type" : "string",
440                                  "typetext" : "<string>"
441                               }
442                            }
443                         },
444                         "permissions" : {
445                            "check" : [
446                               "perm",
447                               "/",
448                               [
449                                  "Sys.Audit"
450                               ]
451                            ]
452                         },
453                         "returns" : {
454                            "additionalProperties" : 0,
455                            "properties" : {
456                               "config_digest" : {
457                                  "type" : "string"
458                               },
459                               "nodelist" : {
460                                  "items" : {
461                                     "additionalProperties" : 1,
462                                     "properties" : {
463                                        "name" : {
464                                           "description" : "The cluster node name.",
465                                           "format" : "pve-node",
466                                           "type" : "string"
467                                        },
468                                        "nodeid" : {
469                                           "description" : "Node id for this node.",
470                                           "minimum" : 1,
471                                           "optional" : 1,
472                                           "type" : "integer"
473                                        },
474                                        "pve_addr" : {
475                                           "format" : "ip",
476                                           "type" : "string"
477                                        },
478                                        "pve_fp" : {
479                                           "description" : "Certificate SHA 256 fingerprint.",
480                                           "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
481                                           "type" : "string"
482                                        },
483                                        "quorum_votes" : {
484                                           "minimum" : 0,
485                                           "type" : "integer"
486                                        },
487                                        "ring0_addr" : {
488                                           "default" : "Hostname of the node",
489                                           "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
490                                           "format" : "address",
491                                           "optional" : 1,
492                                           "type" : "string"
493                                        }
494                                     },
495                                     "type" : "object"
496                                  },
497                                  "type" : "array"
498                               },
499                               "preferred_node" : {
500                                  "description" : "The cluster node name.",
501                                  "format" : "pve-node",
502                                  "type" : "string"
503                               },
504                               "totem" : {
505                                  "type" : "object"
506                               }
507                            },
508                            "type" : "object"
509                         }
510                      },
511                      "POST" : {
512                         "description" : "Joins this node into an existing cluster.",
513                         "method" : "POST",
514                         "name" : "join",
515                         "parameters" : {
516                            "additionalProperties" : 0,
517                            "properties" : {
518                               "fingerprint" : {
519                                  "description" : "Certificate SHA 256 fingerprint.",
520                                  "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
521                                  "type" : "string"
522                               },
523                               "force" : {
524                                  "description" : "Do not throw error if node already exists.",
525                                  "optional" : 1,
526                                  "type" : "boolean",
527                                  "typetext" : "<boolean>"
528                               },
529                               "hostname" : {
530                                  "description" : "Hostname (or IP) of an existing cluster member.",
531                                  "type" : "string",
532                                  "typetext" : "<string>"
533                               },
534                               "nodeid" : {
535                                  "description" : "Node id for this node.",
536                                  "minimum" : 1,
537                                  "optional" : 1,
538                                  "type" : "integer",
539                                  "typetext" : "<integer> (1 - N)"
540                               },
541                               "password" : {
542                                  "description" : "Superuser (root) password of peer node.",
543                                  "maxLength" : 128,
544                                  "type" : "string",
545                                  "typetext" : "<string>"
546                               },
547                               "ring0_addr" : {
548                                  "default" : "IP resolved by node's hostname",
549                                  "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
550                                  "format" : "address",
551                                  "optional" : 1,
552                                  "type" : "string",
553                                  "typetext" : "<string>"
554                               },
555                               "ring1_addr" : {
556                                  "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
557                                  "format" : "address",
558                                  "optional" : 1,
559                                  "type" : "string",
560                                  "typetext" : "<string>"
561                               },
562                               "votes" : {
563                                  "description" : "Number of votes for this node",
564                                  "minimum" : 0,
565                                  "optional" : 1,
566                                  "type" : "integer",
567                                  "typetext" : "<integer> (0 - N)"
568                               }
569                            }
570                         },
571                         "protected" : 1,
572                         "returns" : {
573                            "type" : "string"
574                         }
575                      }
576                   },
577                   "leaf" : 1,
578                   "path" : "/cluster/config/join",
579                   "text" : "join"
580                },
581                {
582                   "info" : {
583                      "GET" : {
584                         "description" : "Get corosync totem protocol settings.",
585                         "method" : "GET",
586                         "name" : "totem",
587                         "parameters" : {
588                            "additionalProperties" : 0
589                         },
590                         "permissions" : {
591                            "check" : [
592                               "perm",
593                               "/",
594                               [
595                                  "Sys.Audit"
596                               ]
597                            ]
598                         },
599                         "returns" : {
600                            "type" : "object"
601                         }
602                      }
603                   },
604                   "leaf" : 1,
605                   "path" : "/cluster/config/totem",
606                   "text" : "totem"
607                }
608             ],
609             "info" : {
610                "GET" : {
611                   "description" : "Directory index.",
612                   "method" : "GET",
613                   "name" : "index",
614                   "parameters" : {
615                      "additionalProperties" : 0
616                   },
617                   "permissions" : {
618                      "check" : [
619                         "perm",
620                         "/",
621                         [
622                            "Sys.Audit"
623                         ]
624                      ]
625                   },
626                   "returns" : {
627                      "items" : {
628                         "properties" : {},
629                         "type" : "object"
630                      },
631                      "links" : [
632                         {
633                            "href" : "{name}",
634                            "rel" : "child"
635                         }
636                      ],
637                      "type" : "array"
638                   }
639                },
640                "POST" : {
641                   "description" : "Generate new cluster configuration.",
642                   "method" : "POST",
643                   "name" : "create",
644                   "parameters" : {
645                      "additionalProperties" : 0,
646                      "properties" : {
647                         "bindnet0_addr" : {
648                            "description" : "This specifies the network address the corosync ring 0 executive should bind to and defaults to the local IP address of the node.",
649                            "format" : "ip",
650                            "optional" : 1,
651                            "type" : "string",
652                            "typetext" : "<string>"
653                         },
654                         "bindnet1_addr" : {
655                            "description" : "This specifies the network address the corosync ring 1 executive should bind to and is optional.",
656                            "format" : "ip",
657                            "optional" : 1,
658                            "type" : "string",
659                            "typetext" : "<string>"
660                         },
661                         "clustername" : {
662                            "description" : "The name of the cluster.",
663                            "format" : "pve-node",
664                            "maxLength" : 15,
665                            "type" : "string",
666                            "typetext" : "<string>"
667                         },
668                         "nodeid" : {
669                            "description" : "Node id for this node.",
670                            "minimum" : 1,
671                            "optional" : 1,
672                            "type" : "integer",
673                            "typetext" : "<integer> (1 - N)"
674                         },
675                         "ring0_addr" : {
676                            "default" : "Hostname of the node",
677                            "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
678                            "format" : "address",
679                            "optional" : 1,
680                            "type" : "string",
681                            "typetext" : "<string>"
682                         },
683                         "ring1_addr" : {
684                            "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
685                            "format" : "address",
686                            "optional" : 1,
687                            "type" : "string",
688                            "typetext" : "<string>"
689                         },
690                         "votes" : {
691                            "description" : "Number of votes for this node.",
692                            "minimum" : 1,
693                            "optional" : 1,
694                            "type" : "integer",
695                            "typetext" : "<integer> (1 - N)"
696                         }
697                      }
698                   },
699                   "protected" : 1,
700                   "returns" : {
701                      "type" : "string"
702                   }
703                }
704             },
705             "leaf" : 0,
706             "path" : "/cluster/config",
707             "text" : "config"
708          },
709          {
710             "children" : [
711                {
712                   "children" : [
713                      {
714                         "children" : [
715                            {
716                               "info" : {
717                                  "DELETE" : {
718                                     "description" : "Delete rule.",
719                                     "method" : "DELETE",
720                                     "name" : "delete_rule",
721                                     "parameters" : {
722                                        "additionalProperties" : 0,
723                                        "properties" : {
724                                           "digest" : {
725                                              "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
726                                              "maxLength" : 40,
727                                              "optional" : 1,
728                                              "type" : "string",
729                                              "typetext" : "<string>"
730                                           },
731                                           "group" : {
732                                              "description" : "Security Group name.",
733                                              "maxLength" : 18,
734                                              "minLength" : 2,
735                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
736                                              "type" : "string"
737                                           },
738                                           "pos" : {
739                                              "description" : "Update rule at position <pos>.",
740                                              "minimum" : 0,
741                                              "optional" : 1,
742                                              "type" : "integer",
743                                              "typetext" : "<integer> (0 - N)"
744                                           }
745                                        }
746                                     },
747                                     "permissions" : {
748                                        "check" : [
749                                           "perm",
750                                           "/",
751                                           [
752                                              "Sys.Modify"
753                                           ]
754                                        ]
755                                     },
756                                     "protected" : 1,
757                                     "proxyto" : null,
758                                     "returns" : {
759                                        "type" : "null"
760                                     }
761                                  },
762                                  "GET" : {
763                                     "description" : "Get single rule data.",
764                                     "method" : "GET",
765                                     "name" : "get_rule",
766                                     "parameters" : {
767                                        "additionalProperties" : 0,
768                                        "properties" : {
769                                           "group" : {
770                                              "description" : "Security Group name.",
771                                              "maxLength" : 18,
772                                              "minLength" : 2,
773                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
774                                              "type" : "string"
775                                           },
776                                           "pos" : {
777                                              "description" : "Update rule at position <pos>.",
778                                              "minimum" : 0,
779                                              "optional" : 1,
780                                              "type" : "integer",
781                                              "typetext" : "<integer> (0 - N)"
782                                           }
783                                        }
784                                     },
785                                     "permissions" : {
786                                        "check" : [
787                                           "perm",
788                                           "/",
789                                           [
790                                              "Sys.Audit"
791                                           ]
792                                        ]
793                                     },
794                                     "proxyto" : null,
795                                     "returns" : {
796                                        "properties" : {
797                                           "action" : {
798                                              "type" : "string"
799                                           },
800                                           "comment" : {
801                                              "optional" : 1,
802                                              "type" : "string"
803                                           },
804                                           "dest" : {
805                                              "optional" : 1,
806                                              "type" : "string"
807                                           },
808                                           "dport" : {
809                                              "optional" : 1,
810                                              "type" : "string"
811                                           },
812                                           "enable" : {
813                                              "optional" : 1,
814                                              "type" : "integer"
815                                           },
816                                           "iface" : {
817                                              "optional" : 1,
818                                              "type" : "string"
819                                           },
820                                           "ipversion" : {
821                                              "optional" : 1,
822                                              "type" : "integer"
823                                           },
824                                           "log" : {
825                                              "description" : "Log level for firewall rule",
826                                              "enum" : [
827                                                 "emerg",
828                                                 "alert",
829                                                 "crit",
830                                                 "err",
831                                                 "warning",
832                                                 "notice",
833                                                 "info",
834                                                 "debug",
835                                                 "nolog"
836                                              ],
837                                              "optional" : 1,
838                                              "type" : "string"
839                                           },
840                                           "macro" : {
841                                              "optional" : 1,
842                                              "type" : "string"
843                                           },
844                                           "pos" : {
845                                              "type" : "integer"
846                                           },
847                                           "proto" : {
848                                              "optional" : 1,
849                                              "type" : "string"
850                                           },
851                                           "source" : {
852                                              "optional" : 1,
853                                              "type" : "string"
854                                           },
855                                           "sport" : {
856                                              "optional" : 1,
857                                              "type" : "string"
858                                           },
859                                           "type" : {
860                                              "type" : "string"
861                                           }
862                                        },
863                                        "type" : "object"
864                                     }
865                                  },
866                                  "PUT" : {
867                                     "description" : "Modify rule data.",
868                                     "method" : "PUT",
869                                     "name" : "update_rule",
870                                     "parameters" : {
871                                        "additionalProperties" : 0,
872                                        "properties" : {
873                                           "action" : {
874                                              "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
875                                              "maxLength" : 20,
876                                              "minLength" : 2,
877                                              "optional" : 1,
878                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
879                                              "type" : "string"
880                                           },
881                                           "comment" : {
882                                              "description" : "Descriptive comment.",
883                                              "optional" : 1,
884                                              "type" : "string",
885                                              "typetext" : "<string>"
886                                           },
887                                           "delete" : {
888                                              "description" : "A list of settings you want to delete.",
889                                              "format" : "pve-configid-list",
890                                              "optional" : 1,
891                                              "type" : "string",
892                                              "typetext" : "<string>"
893                                           },
894                                           "dest" : {
895                                              "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
896                                              "format" : "pve-fw-addr-spec",
897                                              "optional" : 1,
898                                              "type" : "string",
899                                              "typetext" : "<string>"
900                                           },
901                                           "digest" : {
902                                              "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
903                                              "maxLength" : 40,
904                                              "optional" : 1,
905                                              "type" : "string",
906                                              "typetext" : "<string>"
907                                           },
908                                           "dport" : {
909                                              "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
910                                              "format" : "pve-fw-dport-spec",
911                                              "optional" : 1,
912                                              "type" : "string",
913                                              "typetext" : "<string>"
914                                           },
915                                           "enable" : {
916                                              "description" : "Flag to enable/disable a rule.",
917                                              "minimum" : 0,
918                                              "optional" : 1,
919                                              "type" : "integer",
920                                              "typetext" : "<integer> (0 - N)"
921                                           },
922                                           "group" : {
923                                              "description" : "Security Group name.",
924                                              "maxLength" : 18,
925                                              "minLength" : 2,
926                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
927                                              "type" : "string"
928                                           },
929                                           "iface" : {
930                                              "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
931                                              "format" : "pve-iface",
932                                              "maxLength" : 20,
933                                              "minLength" : 2,
934                                              "optional" : 1,
935                                              "type" : "string",
936                                              "typetext" : "<string>"
937                                           },
938                                           "log" : {
939                                              "description" : "Log level for firewall rule.",
940                                              "enum" : [
941                                                 "emerg",
942                                                 "alert",
943                                                 "crit",
944                                                 "err",
945                                                 "warning",
946                                                 "notice",
947                                                 "info",
948                                                 "debug",
949                                                 "nolog"
950                                              ],
951                                              "optional" : 1,
952                                              "type" : "string"
953                                           },
954                                           "macro" : {
955                                              "description" : "Use predefined standard macro.",
956                                              "maxLength" : 128,
957                                              "optional" : 1,
958                                              "type" : "string",
959                                              "typetext" : "<string>"
960                                           },
961                                           "moveto" : {
962                                              "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
963                                              "minimum" : 0,
964                                              "optional" : 1,
965                                              "type" : "integer",
966                                              "typetext" : "<integer> (0 - N)"
967                                           },
968                                           "pos" : {
969                                              "description" : "Update rule at position <pos>.",
970                                              "minimum" : 0,
971                                              "optional" : 1,
972                                              "type" : "integer",
973                                              "typetext" : "<integer> (0 - N)"
974                                           },
975                                           "proto" : {
976                                              "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
977                                              "format" : "pve-fw-protocol-spec",
978                                              "optional" : 1,
979                                              "type" : "string",
980                                              "typetext" : "<string>"
981                                           },
982                                           "source" : {
983                                              "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
984                                              "format" : "pve-fw-addr-spec",
985                                              "optional" : 1,
986                                              "type" : "string",
987                                              "typetext" : "<string>"
988                                           },
989                                           "sport" : {
990                                              "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
991                                              "format" : "pve-fw-sport-spec",
992                                              "optional" : 1,
993                                              "type" : "string",
994                                              "typetext" : "<string>"
995                                           },
996                                           "type" : {
997                                              "description" : "Rule type.",
998                                              "enum" : [
999                                                 "in",
1000                                                 "out",
1001                                                 "group"
1002                                              ],
1003                                              "optional" : 1,
1004                                              "type" : "string"
1005                                           }
1006                                        }
1007                                     },
1008                                     "permissions" : {
1009                                        "check" : [
1010                                           "perm",
1011                                           "/",
1012                                           [
1013                                              "Sys.Modify"
1014                                           ]
1015                                        ]
1016                                     },
1017                                     "protected" : 1,
1018                                     "proxyto" : null,
1019                                     "returns" : {
1020                                        "type" : "null"
1021                                     }
1022                                  }
1023                               },
1024                               "leaf" : 1,
1025                               "path" : "/cluster/firewall/groups/{group}/{pos}",
1026                               "text" : "{pos}"
1027                            }
1028                         ],
1029                         "info" : {
1030                            "DELETE" : {
1031                               "description" : "Delete security group.",
1032                               "method" : "DELETE",
1033                               "name" : "delete_security_group",
1034                               "parameters" : {
1035                                  "additionalProperties" : 0,
1036                                  "properties" : {
1037                                     "group" : {
1038                                        "description" : "Security Group name.",
1039                                        "maxLength" : 18,
1040                                        "minLength" : 2,
1041                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1042                                        "type" : "string"
1043                                     }
1044                                  }
1045                               },
1046                               "permissions" : {
1047                                  "check" : [
1048                                     "perm",
1049                                     "/",
1050                                     [
1051                                        "Sys.Modify"
1052                                     ]
1053                                  ]
1054                               },
1055                               "protected" : 1,
1056                               "returns" : {
1057                                  "type" : "null"
1058                               }
1059                            },
1060                            "GET" : {
1061                               "description" : "List rules.",
1062                               "method" : "GET",
1063                               "name" : "get_rules",
1064                               "parameters" : {
1065                                  "additionalProperties" : 0,
1066                                  "properties" : {
1067                                     "group" : {
1068                                        "description" : "Security Group name.",
1069                                        "maxLength" : 18,
1070                                        "minLength" : 2,
1071                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1072                                        "type" : "string"
1073                                     }
1074                                  }
1075                               },
1076                               "permissions" : {
1077                                  "check" : [
1078                                     "perm",
1079                                     "/",
1080                                     [
1081                                        "Sys.Audit"
1082                                     ]
1083                                  ]
1084                               },
1085                               "proxyto" : null,
1086                               "returns" : {
1087                                  "items" : {
1088                                     "properties" : {
1089                                        "pos" : {
1090                                           "type" : "integer"
1091                                        }
1092                                     },
1093                                     "type" : "object"
1094                                  },
1095                                  "links" : [
1096                                     {
1097                                        "href" : "{pos}",
1098                                        "rel" : "child"
1099                                     }
1100                                  ],
1101                                  "type" : "array"
1102                               }
1103                            },
1104                            "POST" : {
1105                               "description" : "Create new rule.",
1106                               "method" : "POST",
1107                               "name" : "create_rule",
1108                               "parameters" : {
1109                                  "additionalProperties" : 0,
1110                                  "properties" : {
1111                                     "action" : {
1112                                        "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
1113                                        "maxLength" : 20,
1114                                        "minLength" : 2,
1115                                        "optional" : 0,
1116                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1117                                        "type" : "string"
1118                                     },
1119                                     "comment" : {
1120                                        "description" : "Descriptive comment.",
1121                                        "optional" : 1,
1122                                        "type" : "string",
1123                                        "typetext" : "<string>"
1124                                     },
1125                                     "dest" : {
1126                                        "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1127                                        "format" : "pve-fw-addr-spec",
1128                                        "optional" : 1,
1129                                        "type" : "string",
1130                                        "typetext" : "<string>"
1131                                     },
1132                                     "digest" : {
1133                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1134                                        "maxLength" : 40,
1135                                        "optional" : 1,
1136                                        "type" : "string",
1137                                        "typetext" : "<string>"
1138                                     },
1139                                     "dport" : {
1140                                        "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1141                                        "format" : "pve-fw-dport-spec",
1142                                        "optional" : 1,
1143                                        "type" : "string",
1144                                        "typetext" : "<string>"
1145                                     },
1146                                     "enable" : {
1147                                        "description" : "Flag to enable/disable a rule.",
1148                                        "minimum" : 0,
1149                                        "optional" : 1,
1150                                        "type" : "integer",
1151                                        "typetext" : "<integer> (0 - N)"
1152                                     },
1153                                     "group" : {
1154                                        "description" : "Security Group name.",
1155                                        "maxLength" : 18,
1156                                        "minLength" : 2,
1157                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1158                                        "type" : "string"
1159                                     },
1160                                     "iface" : {
1161                                        "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
1162                                        "format" : "pve-iface",
1163                                        "maxLength" : 20,
1164                                        "minLength" : 2,
1165                                        "optional" : 1,
1166                                        "type" : "string",
1167                                        "typetext" : "<string>"
1168                                     },
1169                                     "log" : {
1170                                        "description" : "Log level for firewall rule.",
1171                                        "enum" : [
1172                                           "emerg",
1173                                           "alert",
1174                                           "crit",
1175                                           "err",
1176                                           "warning",
1177                                           "notice",
1178                                           "info",
1179                                           "debug",
1180                                           "nolog"
1181                                        ],
1182                                        "optional" : 1,
1183                                        "type" : "string"
1184                                     },
1185                                     "macro" : {
1186                                        "description" : "Use predefined standard macro.",
1187                                        "maxLength" : 128,
1188                                        "optional" : 1,
1189                                        "type" : "string",
1190                                        "typetext" : "<string>"
1191                                     },
1192                                     "pos" : {
1193                                        "description" : "Update rule at position <pos>.",
1194                                        "minimum" : 0,
1195                                        "optional" : 1,
1196                                        "type" : "integer",
1197                                        "typetext" : "<integer> (0 - N)"
1198                                     },
1199                                     "proto" : {
1200                                        "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
1201                                        "format" : "pve-fw-protocol-spec",
1202                                        "optional" : 1,
1203                                        "type" : "string",
1204                                        "typetext" : "<string>"
1205                                     },
1206                                     "source" : {
1207                                        "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1208                                        "format" : "pve-fw-addr-spec",
1209                                        "optional" : 1,
1210                                        "type" : "string",
1211                                        "typetext" : "<string>"
1212                                     },
1213                                     "sport" : {
1214                                        "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1215                                        "format" : "pve-fw-sport-spec",
1216                                        "optional" : 1,
1217                                        "type" : "string",
1218                                        "typetext" : "<string>"
1219                                     },
1220                                     "type" : {
1221                                        "description" : "Rule type.",
1222                                        "enum" : [
1223                                           "in",
1224                                           "out",
1225                                           "group"
1226                                        ],
1227                                        "optional" : 0,
1228                                        "type" : "string"
1229                                     }
1230                                  }
1231                               },
1232                               "permissions" : {
1233                                  "check" : [
1234                                     "perm",
1235                                     "/",
1236                                     [
1237                                        "Sys.Modify"
1238                                     ]
1239                                  ]
1240                               },
1241                               "protected" : 1,
1242                               "proxyto" : null,
1243                               "returns" : {
1244                                  "type" : "null"
1245                               }
1246                            }
1247                         },
1248                         "leaf" : 0,
1249                         "path" : "/cluster/firewall/groups/{group}",
1250                         "text" : "{group}"
1251                      }
1252                   ],
1253                   "info" : {
1254                      "GET" : {
1255                         "description" : "List security groups.",
1256                         "method" : "GET",
1257                         "name" : "list_security_groups",
1258                         "parameters" : {
1259                            "additionalProperties" : 0
1260                         },
1261                         "permissions" : {
1262                            "user" : "all"
1263                         },
1264                         "returns" : {
1265                            "items" : {
1266                               "properties" : {
1267                                  "comment" : {
1268                                     "optional" : 1,
1269                                     "type" : "string"
1270                                  },
1271                                  "digest" : {
1272                                     "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1273                                     "maxLength" : 40,
1274                                     "optional" : 0,
1275                                     "type" : "string"
1276                                  },
1277                                  "group" : {
1278                                     "description" : "Security Group name.",
1279                                     "maxLength" : 18,
1280                                     "minLength" : 2,
1281                                     "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1282                                     "type" : "string"
1283                                  }
1284                               },
1285                               "type" : "object"
1286                            },
1287                            "links" : [
1288                               {
1289                                  "href" : "{group}",
1290                                  "rel" : "child"
1291                               }
1292                            ],
1293                            "type" : "array"
1294                         }
1295                      },
1296                      "POST" : {
1297                         "description" : "Create new security group.",
1298                         "method" : "POST",
1299                         "name" : "create_security_group",
1300                         "parameters" : {
1301                            "additionalProperties" : 0,
1302                            "properties" : {
1303                               "comment" : {
1304                                  "optional" : 1,
1305                                  "type" : "string",
1306                                  "typetext" : "<string>"
1307                               },
1308                               "digest" : {
1309                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1310                                  "maxLength" : 40,
1311                                  "optional" : 1,
1312                                  "type" : "string",
1313                                  "typetext" : "<string>"
1314                               },
1315                               "group" : {
1316                                  "description" : "Security Group name.",
1317                                  "maxLength" : 18,
1318                                  "minLength" : 2,
1319                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1320                                  "type" : "string"
1321                               },
1322                               "rename" : {
1323                                  "description" : "Rename/update an existing security group. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing group.",
1324                                  "maxLength" : 18,
1325                                  "minLength" : 2,
1326                                  "optional" : 1,
1327                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1328                                  "type" : "string"
1329                               }
1330                            }
1331                         },
1332                         "permissions" : {
1333                            "check" : [
1334                               "perm",
1335                               "/",
1336                               [
1337                                  "Sys.Modify"
1338                               ]
1339                            ]
1340                         },
1341                         "protected" : 1,
1342                         "returns" : {
1343                            "type" : "null"
1344                         }
1345                      }
1346                   },
1347                   "leaf" : 0,
1348                   "path" : "/cluster/firewall/groups",
1349                   "text" : "groups"
1350                },
1351                {
1352                   "children" : [
1353                      {
1354                         "info" : {
1355                            "DELETE" : {
1356                               "description" : "Delete rule.",
1357                               "method" : "DELETE",
1358                               "name" : "delete_rule",
1359                               "parameters" : {
1360                                  "additionalProperties" : 0,
1361                                  "properties" : {
1362                                     "digest" : {
1363                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1364                                        "maxLength" : 40,
1365                                        "optional" : 1,
1366                                        "type" : "string",
1367                                        "typetext" : "<string>"
1368                                     },
1369                                     "pos" : {
1370                                        "description" : "Update rule at position <pos>.",
1371                                        "minimum" : 0,
1372                                        "optional" : 1,
1373                                        "type" : "integer",
1374                                        "typetext" : "<integer> (0 - N)"
1375                                     }
1376                                  }
1377                               },
1378                               "permissions" : {
1379                                  "check" : [
1380                                     "perm",
1381                                     "/",
1382                                     [
1383                                        "Sys.Modify"
1384                                     ]
1385                                  ]
1386                               },
1387                               "protected" : 1,
1388                               "proxyto" : null,
1389                               "returns" : {
1390                                  "type" : "null"
1391                               }
1392                            },
1393                            "GET" : {
1394                               "description" : "Get single rule data.",
1395                               "method" : "GET",
1396                               "name" : "get_rule",
1397                               "parameters" : {
1398                                  "additionalProperties" : 0,
1399                                  "properties" : {
1400                                     "pos" : {
1401                                        "description" : "Update rule at position <pos>.",
1402                                        "minimum" : 0,
1403                                        "optional" : 1,
1404                                        "type" : "integer",
1405                                        "typetext" : "<integer> (0 - N)"
1406                                     }
1407                                  }
1408                               },
1409                               "permissions" : {
1410                                  "check" : [
1411                                     "perm",
1412                                     "/",
1413                                     [
1414                                        "Sys.Audit"
1415                                     ]
1416                                  ]
1417                               },
1418                               "proxyto" : null,
1419                               "returns" : {
1420                                  "properties" : {
1421                                     "action" : {
1422                                        "type" : "string"
1423                                     },
1424                                     "comment" : {
1425                                        "optional" : 1,
1426                                        "type" : "string"
1427                                     },
1428                                     "dest" : {
1429                                        "optional" : 1,
1430                                        "type" : "string"
1431                                     },
1432                                     "dport" : {
1433                                        "optional" : 1,
1434                                        "type" : "string"
1435                                     },
1436                                     "enable" : {
1437                                        "optional" : 1,
1438                                        "type" : "integer"
1439                                     },
1440                                     "iface" : {
1441                                        "optional" : 1,
1442                                        "type" : "string"
1443                                     },
1444                                     "ipversion" : {
1445                                        "optional" : 1,
1446                                        "type" : "integer"
1447                                     },
1448                                     "log" : {
1449                                        "description" : "Log level for firewall rule",
1450                                        "enum" : [
1451                                           "emerg",
1452                                           "alert",
1453                                           "crit",
1454                                           "err",
1455                                           "warning",
1456                                           "notice",
1457                                           "info",
1458                                           "debug",
1459                                           "nolog"
1460                                        ],
1461                                        "optional" : 1,
1462                                        "type" : "string"
1463                                     },
1464                                     "macro" : {
1465                                        "optional" : 1,
1466                                        "type" : "string"
1467                                     },
1468                                     "pos" : {
1469                                        "type" : "integer"
1470                                     },
1471                                     "proto" : {
1472                                        "optional" : 1,
1473                                        "type" : "string"
1474                                     },
1475                                     "source" : {
1476                                        "optional" : 1,
1477                                        "type" : "string"
1478                                     },
1479                                     "sport" : {
1480                                        "optional" : 1,
1481                                        "type" : "string"
1482                                     },
1483                                     "type" : {
1484                                        "type" : "string"
1485                                     }
1486                                  },
1487                                  "type" : "object"
1488                               }
1489                            },
1490                            "PUT" : {
1491                               "description" : "Modify rule data.",
1492                               "method" : "PUT",
1493                               "name" : "update_rule",
1494                               "parameters" : {
1495                                  "additionalProperties" : 0,
1496                                  "properties" : {
1497                                     "action" : {
1498                                        "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
1499                                        "maxLength" : 20,
1500                                        "minLength" : 2,
1501                                        "optional" : 1,
1502                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1503                                        "type" : "string"
1504                                     },
1505                                     "comment" : {
1506                                        "description" : "Descriptive comment.",
1507                                        "optional" : 1,
1508                                        "type" : "string",
1509                                        "typetext" : "<string>"
1510                                     },
1511                                     "delete" : {
1512                                        "description" : "A list of settings you want to delete.",
1513                                        "format" : "pve-configid-list",
1514                                        "optional" : 1,
1515                                        "type" : "string",
1516                                        "typetext" : "<string>"
1517                                     },
1518                                     "dest" : {
1519                                        "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1520                                        "format" : "pve-fw-addr-spec",
1521                                        "optional" : 1,
1522                                        "type" : "string",
1523                                        "typetext" : "<string>"
1524                                     },
1525                                     "digest" : {
1526                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1527                                        "maxLength" : 40,
1528                                        "optional" : 1,
1529                                        "type" : "string",
1530                                        "typetext" : "<string>"
1531                                     },
1532                                     "dport" : {
1533                                        "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1534                                        "format" : "pve-fw-dport-spec",
1535                                        "optional" : 1,
1536                                        "type" : "string",
1537                                        "typetext" : "<string>"
1538                                     },
1539                                     "enable" : {
1540                                        "description" : "Flag to enable/disable a rule.",
1541                                        "minimum" : 0,
1542                                        "optional" : 1,
1543                                        "type" : "integer",
1544                                        "typetext" : "<integer> (0 - N)"
1545                                     },
1546                                     "iface" : {
1547                                        "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
1548                                        "format" : "pve-iface",
1549                                        "maxLength" : 20,
1550                                        "minLength" : 2,
1551                                        "optional" : 1,
1552                                        "type" : "string",
1553                                        "typetext" : "<string>"
1554                                     },
1555                                     "log" : {
1556                                        "description" : "Log level for firewall rule.",
1557                                        "enum" : [
1558                                           "emerg",
1559                                           "alert",
1560                                           "crit",
1561                                           "err",
1562                                           "warning",
1563                                           "notice",
1564                                           "info",
1565                                           "debug",
1566                                           "nolog"
1567                                        ],
1568                                        "optional" : 1,
1569                                        "type" : "string"
1570                                     },
1571                                     "macro" : {
1572                                        "description" : "Use predefined standard macro.",
1573                                        "maxLength" : 128,
1574                                        "optional" : 1,
1575                                        "type" : "string",
1576                                        "typetext" : "<string>"
1577                                     },
1578                                     "moveto" : {
1579                                        "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
1580                                        "minimum" : 0,
1581                                        "optional" : 1,
1582                                        "type" : "integer",
1583                                        "typetext" : "<integer> (0 - N)"
1584                                     },
1585                                     "pos" : {
1586                                        "description" : "Update rule at position <pos>.",
1587                                        "minimum" : 0,
1588                                        "optional" : 1,
1589                                        "type" : "integer",
1590                                        "typetext" : "<integer> (0 - N)"
1591                                     },
1592                                     "proto" : {
1593                                        "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
1594                                        "format" : "pve-fw-protocol-spec",
1595                                        "optional" : 1,
1596                                        "type" : "string",
1597                                        "typetext" : "<string>"
1598                                     },
1599                                     "source" : {
1600                                        "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1601                                        "format" : "pve-fw-addr-spec",
1602                                        "optional" : 1,
1603                                        "type" : "string",
1604                                        "typetext" : "<string>"
1605                                     },
1606                                     "sport" : {
1607                                        "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1608                                        "format" : "pve-fw-sport-spec",
1609                                        "optional" : 1,
1610                                        "type" : "string",
1611                                        "typetext" : "<string>"
1612                                     },
1613                                     "type" : {
1614                                        "description" : "Rule type.",
1615                                        "enum" : [
1616                                           "in",
1617                                           "out",
1618                                           "group"
1619                                        ],
1620                                        "optional" : 1,
1621                                        "type" : "string"
1622                                     }
1623                                  }
1624                               },
1625                               "permissions" : {
1626                                  "check" : [
1627                                     "perm",
1628                                     "/",
1629                                     [
1630                                        "Sys.Modify"
1631                                     ]
1632                                  ]
1633                               },
1634                               "protected" : 1,
1635                               "proxyto" : null,
1636                               "returns" : {
1637                                  "type" : "null"
1638                               }
1639                            }
1640                         },
1641                         "leaf" : 1,
1642                         "path" : "/cluster/firewall/rules/{pos}",
1643                         "text" : "{pos}"
1644                      }
1645                   ],
1646                   "info" : {
1647                      "GET" : {
1648                         "description" : "List rules.",
1649                         "method" : "GET",
1650                         "name" : "get_rules",
1651                         "parameters" : {
1652                            "additionalProperties" : 0
1653                         },
1654                         "permissions" : {
1655                            "check" : [
1656                               "perm",
1657                               "/",
1658                               [
1659                                  "Sys.Audit"
1660                               ]
1661                            ]
1662                         },
1663                         "proxyto" : null,
1664                         "returns" : {
1665                            "items" : {
1666                               "properties" : {
1667                                  "pos" : {
1668                                     "type" : "integer"
1669                                  }
1670                               },
1671                               "type" : "object"
1672                            },
1673                            "links" : [
1674                               {
1675                                  "href" : "{pos}",
1676                                  "rel" : "child"
1677                               }
1678                            ],
1679                            "type" : "array"
1680                         }
1681                      },
1682                      "POST" : {
1683                         "description" : "Create new rule.",
1684                         "method" : "POST",
1685                         "name" : "create_rule",
1686                         "parameters" : {
1687                            "additionalProperties" : 0,
1688                            "properties" : {
1689                               "action" : {
1690                                  "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
1691                                  "maxLength" : 20,
1692                                  "minLength" : 2,
1693                                  "optional" : 0,
1694                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1695                                  "type" : "string"
1696                               },
1697                               "comment" : {
1698                                  "description" : "Descriptive comment.",
1699                                  "optional" : 1,
1700                                  "type" : "string",
1701                                  "typetext" : "<string>"
1702                               },
1703                               "dest" : {
1704                                  "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1705                                  "format" : "pve-fw-addr-spec",
1706                                  "optional" : 1,
1707                                  "type" : "string",
1708                                  "typetext" : "<string>"
1709                               },
1710                               "digest" : {
1711                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1712                                  "maxLength" : 40,
1713                                  "optional" : 1,
1714                                  "type" : "string",
1715                                  "typetext" : "<string>"
1716                               },
1717                               "dport" : {
1718                                  "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1719                                  "format" : "pve-fw-dport-spec",
1720                                  "optional" : 1,
1721                                  "type" : "string",
1722                                  "typetext" : "<string>"
1723                               },
1724                               "enable" : {
1725                                  "description" : "Flag to enable/disable a rule.",
1726                                  "minimum" : 0,
1727                                  "optional" : 1,
1728                                  "type" : "integer",
1729                                  "typetext" : "<integer> (0 - N)"
1730                               },
1731                               "iface" : {
1732                                  "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
1733                                  "format" : "pve-iface",
1734                                  "maxLength" : 20,
1735                                  "minLength" : 2,
1736                                  "optional" : 1,
1737                                  "type" : "string",
1738                                  "typetext" : "<string>"
1739                               },
1740                               "log" : {
1741                                  "description" : "Log level for firewall rule.",
1742                                  "enum" : [
1743                                     "emerg",
1744                                     "alert",
1745                                     "crit",
1746                                     "err",
1747                                     "warning",
1748                                     "notice",
1749                                     "info",
1750                                     "debug",
1751                                     "nolog"
1752                                  ],
1753                                  "optional" : 1,
1754                                  "type" : "string"
1755                               },
1756                               "macro" : {
1757                                  "description" : "Use predefined standard macro.",
1758                                  "maxLength" : 128,
1759                                  "optional" : 1,
1760                                  "type" : "string",
1761                                  "typetext" : "<string>"
1762                               },
1763                               "pos" : {
1764                                  "description" : "Update rule at position <pos>.",
1765                                  "minimum" : 0,
1766                                  "optional" : 1,
1767                                  "type" : "integer",
1768                                  "typetext" : "<integer> (0 - N)"
1769                               },
1770                               "proto" : {
1771                                  "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
1772                                  "format" : "pve-fw-protocol-spec",
1773                                  "optional" : 1,
1774                                  "type" : "string",
1775                                  "typetext" : "<string>"
1776                               },
1777                               "source" : {
1778                                  "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1779                                  "format" : "pve-fw-addr-spec",
1780                                  "optional" : 1,
1781                                  "type" : "string",
1782                                  "typetext" : "<string>"
1783                               },
1784                               "sport" : {
1785                                  "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1786                                  "format" : "pve-fw-sport-spec",
1787                                  "optional" : 1,
1788                                  "type" : "string",
1789                                  "typetext" : "<string>"
1790                               },
1791                               "type" : {
1792                                  "description" : "Rule type.",
1793                                  "enum" : [
1794                                     "in",
1795                                     "out",
1796                                     "group"
1797                                  ],
1798                                  "optional" : 0,
1799                                  "type" : "string"
1800                               }
1801                            }
1802                         },
1803                         "permissions" : {
1804                            "check" : [
1805                               "perm",
1806                               "/",
1807                               [
1808                                  "Sys.Modify"
1809                               ]
1810                            ]
1811                         },
1812                         "protected" : 1,
1813                         "proxyto" : null,
1814                         "returns" : {
1815                            "type" : "null"
1816                         }
1817                      }
1818                   },
1819                   "leaf" : 0,
1820                   "path" : "/cluster/firewall/rules",
1821                   "text" : "rules"
1822                },
1823                {
1824                   "children" : [
1825                      {
1826                         "children" : [
1827                            {
1828                               "info" : {
1829                                  "DELETE" : {
1830                                     "description" : "Remove IP or Network from IPSet.",
1831                                     "method" : "DELETE",
1832                                     "name" : "remove_ip",
1833                                     "parameters" : {
1834                                        "additionalProperties" : 0,
1835                                        "properties" : {
1836                                           "cidr" : {
1837                                              "description" : "Network/IP specification in CIDR format.",
1838                                              "format" : "IPorCIDRorAlias",
1839                                              "type" : "string",
1840                                              "typetext" : "<string>"
1841                                           },
1842                                           "digest" : {
1843                                              "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1844                                              "maxLength" : 40,
1845                                              "optional" : 1,
1846                                              "type" : "string",
1847                                              "typetext" : "<string>"
1848                                           },
1849                                           "name" : {
1850                                              "description" : "IP set name.",
1851                                              "maxLength" : 64,
1852                                              "minLength" : 2,
1853                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1854                                              "type" : "string"
1855                                           }
1856                                        }
1857                                     },
1858                                     "permissions" : {
1859                                        "check" : [
1860                                           "perm",
1861                                           "/",
1862                                           [
1863                                              "Sys.Modify"
1864                                           ]
1865                                        ]
1866                                     },
1867                                     "protected" : 1,
1868                                     "returns" : {
1869                                        "type" : "null"
1870                                     }
1871                                  },
1872                                  "GET" : {
1873                                     "description" : "Read IP or Network settings from IPSet.",
1874                                     "method" : "GET",
1875                                     "name" : "read_ip",
1876                                     "parameters" : {
1877                                        "additionalProperties" : 0,
1878                                        "properties" : {
1879                                           "cidr" : {
1880                                              "description" : "Network/IP specification in CIDR format.",
1881                                              "format" : "IPorCIDRorAlias",
1882                                              "type" : "string",
1883                                              "typetext" : "<string>"
1884                                           },
1885                                           "name" : {
1886                                              "description" : "IP set name.",
1887                                              "maxLength" : 64,
1888                                              "minLength" : 2,
1889                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1890                                              "type" : "string"
1891                                           }
1892                                        }
1893                                     },
1894                                     "permissions" : {
1895                                        "check" : [
1896                                           "perm",
1897                                           "/",
1898                                           [
1899                                              "Sys.Audit"
1900                                           ]
1901                                        ]
1902                                     },
1903                                     "protected" : 1,
1904                                     "returns" : {
1905                                        "type" : "object"
1906                                     }
1907                                  },
1908                                  "PUT" : {
1909                                     "description" : "Update IP or Network settings",
1910                                     "method" : "PUT",
1911                                     "name" : "update_ip",
1912                                     "parameters" : {
1913                                        "additionalProperties" : 0,
1914                                        "properties" : {
1915                                           "cidr" : {
1916                                              "description" : "Network/IP specification in CIDR format.",
1917                                              "format" : "IPorCIDRorAlias",
1918                                              "type" : "string",
1919                                              "typetext" : "<string>"
1920                                           },
1921                                           "comment" : {
1922                                              "optional" : 1,
1923                                              "type" : "string",
1924                                              "typetext" : "<string>"
1925                                           },
1926                                           "digest" : {
1927                                              "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1928                                              "maxLength" : 40,
1929                                              "optional" : 1,
1930                                              "type" : "string",
1931                                              "typetext" : "<string>"
1932                                           },
1933                                           "name" : {
1934                                              "description" : "IP set name.",
1935                                              "maxLength" : 64,
1936                                              "minLength" : 2,
1937                                              "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1938                                              "type" : "string"
1939                                           },
1940                                           "nomatch" : {
1941                                              "optional" : 1,
1942                                              "type" : "boolean",
1943                                              "typetext" : "<boolean>"
1944                                           }
1945                                        }
1946                                     },
1947                                     "permissions" : {
1948                                        "check" : [
1949                                           "perm",
1950                                           "/",
1951                                           [
1952                                              "Sys.Modify"
1953                                           ]
1954                                        ]
1955                                     },
1956                                     "protected" : 1,
1957                                     "returns" : {
1958                                        "type" : "null"
1959                                     }
1960                                  }
1961                               },
1962                               "leaf" : 1,
1963                               "path" : "/cluster/firewall/ipset/{name}/{cidr}",
1964                               "text" : "{cidr}"
1965                            }
1966                         ],
1967                         "info" : {
1968                            "DELETE" : {
1969                               "description" : "Delete IPSet",
1970                               "method" : "DELETE",
1971                               "name" : "delete_ipset",
1972                               "parameters" : {
1973                                  "additionalProperties" : 0,
1974                                  "properties" : {
1975                                     "name" : {
1976                                        "description" : "IP set name.",
1977                                        "maxLength" : 64,
1978                                        "minLength" : 2,
1979                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1980                                        "type" : "string"
1981                                     }
1982                                  }
1983                               },
1984                               "permissions" : {
1985                                  "check" : [
1986                                     "perm",
1987                                     "/",
1988                                     [
1989                                        "Sys.Modify"
1990                                     ]
1991                                  ]
1992                               },
1993                               "protected" : 1,
1994                               "returns" : {
1995                                  "type" : "null"
1996                               }
1997                            },
1998                            "GET" : {
1999                               "description" : "List IPSet content",
2000                               "method" : "GET",
2001                               "name" : "get_ipset",
2002                               "parameters" : {
2003                                  "additionalProperties" : 0,
2004                                  "properties" : {
2005                                     "name" : {
2006                                        "description" : "IP set name.",
2007                                        "maxLength" : 64,
2008                                        "minLength" : 2,
2009                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2010                                        "type" : "string"
2011                                     }
2012                                  }
2013                               },
2014                               "permissions" : {
2015                                  "check" : [
2016                                     "perm",
2017                                     "/",
2018                                     [
2019                                        "Sys.Audit"
2020                                     ]
2021                                  ]
2022                               },
2023                               "returns" : {
2024                                  "items" : {
2025                                     "properties" : {
2026                                        "cidr" : {
2027                                           "type" : "string"
2028                                        },
2029                                        "comment" : {
2030                                           "optional" : 1,
2031                                           "type" : "string"
2032                                        },
2033                                        "digest" : {
2034                                           "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2035                                           "maxLength" : 40,
2036                                           "optional" : 0,
2037                                           "type" : "string"
2038                                        },
2039                                        "nomatch" : {
2040                                           "optional" : 1,
2041                                           "type" : "boolean"
2042                                        }
2043                                     },
2044                                     "type" : "object"
2045                                  },
2046                                  "links" : [
2047                                     {
2048                                        "href" : "{cidr}",
2049                                        "rel" : "child"
2050                                     }
2051                                  ],
2052                                  "type" : "array"
2053                               }
2054                            },
2055                            "POST" : {
2056                               "description" : "Add IP or Network to IPSet.",
2057                               "method" : "POST",
2058                               "name" : "create_ip",
2059                               "parameters" : {
2060                                  "additionalProperties" : 0,
2061                                  "properties" : {
2062                                     "cidr" : {
2063                                        "description" : "Network/IP specification in CIDR format.",
2064                                        "format" : "IPorCIDRorAlias",
2065                                        "type" : "string",
2066                                        "typetext" : "<string>"
2067                                     },
2068                                     "comment" : {
2069                                        "optional" : 1,
2070                                        "type" : "string",
2071                                        "typetext" : "<string>"
2072                                     },
2073                                     "name" : {
2074                                        "description" : "IP set name.",
2075                                        "maxLength" : 64,
2076                                        "minLength" : 2,
2077                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2078                                        "type" : "string"
2079                                     },
2080                                     "nomatch" : {
2081                                        "optional" : 1,
2082                                        "type" : "boolean",
2083                                        "typetext" : "<boolean>"
2084                                     }
2085                                  }
2086                               },
2087                               "permissions" : {
2088                                  "check" : [
2089                                     "perm",
2090                                     "/",
2091                                     [
2092                                        "Sys.Modify"
2093                                     ]
2094                                  ]
2095                               },
2096                               "protected" : 1,
2097                               "returns" : {
2098                                  "type" : "null"
2099                               }
2100                            }
2101                         },
2102                         "leaf" : 0,
2103                         "path" : "/cluster/firewall/ipset/{name}",
2104                         "text" : "{name}"
2105                      }
2106                   ],
2107                   "info" : {
2108                      "GET" : {
2109                         "description" : "List IPSets",
2110                         "method" : "GET",
2111                         "name" : "ipset_index",
2112                         "parameters" : {
2113                            "additionalProperties" : 0
2114                         },
2115                         "permissions" : {
2116                            "check" : [
2117                               "perm",
2118                               "/",
2119                               [
2120                                  "Sys.Audit"
2121                               ]
2122                            ]
2123                         },
2124                         "returns" : {
2125                            "items" : {
2126                               "properties" : {
2127                                  "comment" : {
2128                                     "optional" : 1,
2129                                     "type" : "string"
2130                                  },
2131                                  "digest" : {
2132                                     "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2133                                     "maxLength" : 40,
2134                                     "optional" : 0,
2135                                     "type" : "string"
2136                                  },
2137                                  "name" : {
2138                                     "description" : "IP set name.",
2139                                     "maxLength" : 64,
2140                                     "minLength" : 2,
2141                                     "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2142                                     "type" : "string"
2143                                  }
2144                               },
2145                               "type" : "object"
2146                            },
2147                            "links" : [
2148                               {
2149                                  "href" : "{name}",
2150                                  "rel" : "child"
2151                               }
2152                            ],
2153                            "type" : "array"
2154                         }
2155                      },
2156                      "POST" : {
2157                         "description" : "Create new IPSet",
2158                         "method" : "POST",
2159                         "name" : "create_ipset",
2160                         "parameters" : {
2161                            "additionalProperties" : 0,
2162                            "properties" : {
2163                               "comment" : {
2164                                  "optional" : 1,
2165                                  "type" : "string",
2166                                  "typetext" : "<string>"
2167                               },
2168                               "digest" : {
2169                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2170                                  "maxLength" : 40,
2171                                  "optional" : 1,
2172                                  "type" : "string",
2173                                  "typetext" : "<string>"
2174                               },
2175                               "name" : {
2176                                  "description" : "IP set name.",
2177                                  "maxLength" : 64,
2178                                  "minLength" : 2,
2179                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2180                                  "type" : "string"
2181                               },
2182                               "rename" : {
2183                                  "description" : "Rename an existing IPSet. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing IPSet.",
2184                                  "maxLength" : 64,
2185                                  "minLength" : 2,
2186                                  "optional" : 1,
2187                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2188                                  "type" : "string"
2189                               }
2190                            }
2191                         },
2192                         "permissions" : {
2193                            "check" : [
2194                               "perm",
2195                               "/",
2196                               [
2197                                  "Sys.Modify"
2198                               ]
2199                            ]
2200                         },
2201                         "protected" : 1,
2202                         "returns" : {
2203                            "type" : "null"
2204                         }
2205                      }
2206                   },
2207                   "leaf" : 0,
2208                   "path" : "/cluster/firewall/ipset",
2209                   "text" : "ipset"
2210                },
2211                {
2212                   "children" : [
2213                      {
2214                         "info" : {
2215                            "DELETE" : {
2216                               "description" : "Remove IP or Network alias.",
2217                               "method" : "DELETE",
2218                               "name" : "remove_alias",
2219                               "parameters" : {
2220                                  "additionalProperties" : 0,
2221                                  "properties" : {
2222                                     "digest" : {
2223                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2224                                        "maxLength" : 40,
2225                                        "optional" : 1,
2226                                        "type" : "string",
2227                                        "typetext" : "<string>"
2228                                     },
2229                                     "name" : {
2230                                        "description" : "Alias name.",
2231                                        "maxLength" : 64,
2232                                        "minLength" : 2,
2233                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2234                                        "type" : "string"
2235                                     }
2236                                  }
2237                               },
2238                               "permissions" : {
2239                                  "check" : [
2240                                     "perm",
2241                                     "/",
2242                                     [
2243                                        "Sys.Modify"
2244                                     ]
2245                                  ]
2246                               },
2247                               "protected" : 1,
2248                               "returns" : {
2249                                  "type" : "null"
2250                               }
2251                            },
2252                            "GET" : {
2253                               "description" : "Read alias.",
2254                               "method" : "GET",
2255                               "name" : "read_alias",
2256                               "parameters" : {
2257                                  "additionalProperties" : 0,
2258                                  "properties" : {
2259                                     "name" : {
2260                                        "description" : "Alias name.",
2261                                        "maxLength" : 64,
2262                                        "minLength" : 2,
2263                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2264                                        "type" : "string"
2265                                     }
2266                                  }
2267                               },
2268                               "permissions" : {
2269                                  "check" : [
2270                                     "perm",
2271                                     "/",
2272                                     [
2273                                        "Sys.Audit"
2274                                     ]
2275                                  ]
2276                               },
2277                               "returns" : {
2278                                  "type" : "object"
2279                               }
2280                            },
2281                            "PUT" : {
2282                               "description" : "Update IP or Network alias.",
2283                               "method" : "PUT",
2284                               "name" : "update_alias",
2285                               "parameters" : {
2286                                  "additionalProperties" : 0,
2287                                  "properties" : {
2288                                     "cidr" : {
2289                                        "description" : "Network/IP specification in CIDR format.",
2290                                        "format" : "IPorCIDR",
2291                                        "type" : "string",
2292                                        "typetext" : "<string>"
2293                                     },
2294                                     "comment" : {
2295                                        "optional" : 1,
2296                                        "type" : "string",
2297                                        "typetext" : "<string>"
2298                                     },
2299                                     "digest" : {
2300                                        "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2301                                        "maxLength" : 40,
2302                                        "optional" : 1,
2303                                        "type" : "string",
2304                                        "typetext" : "<string>"
2305                                     },
2306                                     "name" : {
2307                                        "description" : "Alias name.",
2308                                        "maxLength" : 64,
2309                                        "minLength" : 2,
2310                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2311                                        "type" : "string"
2312                                     },
2313                                     "rename" : {
2314                                        "description" : "Rename an existing alias.",
2315                                        "maxLength" : 64,
2316                                        "minLength" : 2,
2317                                        "optional" : 1,
2318                                        "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2319                                        "type" : "string"
2320                                     }
2321                                  }
2322                               },
2323                               "permissions" : {
2324                                  "check" : [
2325                                     "perm",
2326                                     "/",
2327                                     [
2328                                        "Sys.Modify"
2329                                     ]
2330                                  ]
2331                               },
2332                               "protected" : 1,
2333                               "returns" : {
2334                                  "type" : "null"
2335                               }
2336                            }
2337                         },
2338                         "leaf" : 1,
2339                         "path" : "/cluster/firewall/aliases/{name}",
2340                         "text" : "{name}"
2341                      }
2342                   ],
2343                   "info" : {
2344                      "GET" : {
2345                         "description" : "List aliases",
2346                         "method" : "GET",
2347                         "name" : "get_aliases",
2348                         "parameters" : {
2349                            "additionalProperties" : 0
2350                         },
2351                         "permissions" : {
2352                            "check" : [
2353                               "perm",
2354                               "/",
2355                               [
2356                                  "Sys.Audit"
2357                               ]
2358                            ]
2359                         },
2360                         "returns" : {
2361                            "items" : {
2362                               "properties" : {
2363                                  "cidr" : {
2364                                     "type" : "string"
2365                                  },
2366                                  "comment" : {
2367                                     "optional" : 1,
2368                                     "type" : "string"
2369                                  },
2370                                  "digest" : {
2371                                     "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2372                                     "maxLength" : 40,
2373                                     "optional" : 0,
2374                                     "type" : "string"
2375                                  },
2376                                  "name" : {
2377                                     "type" : "string"
2378                                  }
2379                               },
2380                               "type" : "object"
2381                            },
2382                            "links" : [
2383                               {
2384                                  "href" : "{name}",
2385                                  "rel" : "child"
2386                               }
2387                            ],
2388                            "type" : "array"
2389                         }
2390                      },
2391                      "POST" : {
2392                         "description" : "Create IP or Network Alias.",
2393                         "method" : "POST",
2394                         "name" : "create_alias",
2395                         "parameters" : {
2396                            "additionalProperties" : 0,
2397                            "properties" : {
2398                               "cidr" : {
2399                                  "description" : "Network/IP specification in CIDR format.",
2400                                  "format" : "IPorCIDR",
2401                                  "type" : "string",
2402                                  "typetext" : "<string>"
2403                               },
2404                               "comment" : {
2405                                  "optional" : 1,
2406                                  "type" : "string",
2407                                  "typetext" : "<string>"
2408                               },
2409                               "name" : {
2410                                  "description" : "Alias name.",
2411                                  "maxLength" : 64,
2412                                  "minLength" : 2,
2413                                  "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2414                                  "type" : "string"
2415                               }
2416                            }
2417                         },
2418                         "permissions" : {
2419                            "check" : [
2420                               "perm",
2421                               "/",
2422                               [
2423                                  "Sys.Modify"
2424                               ]
2425                            ]
2426                         },
2427                         "protected" : 1,
2428                         "returns" : {
2429                            "type" : "null"
2430                         }
2431                      }
2432                   },
2433                   "leaf" : 0,
2434                   "path" : "/cluster/firewall/aliases",
2435                   "text" : "aliases"
2436                },
2437                {
2438                   "info" : {
2439                      "GET" : {
2440                         "description" : "Get Firewall options.",
2441                         "method" : "GET",
2442                         "name" : "get_options",
2443                         "parameters" : {
2444                            "additionalProperties" : 0
2445                         },
2446                         "permissions" : {
2447                            "check" : [
2448                               "perm",
2449                               "/",
2450                               [
2451                                  "Sys.Audit"
2452                               ]
2453                            ]
2454                         },
2455                         "returns" : {
2456                            "properties" : {
2457                               "ebtables" : {
2458                                  "default" : 1,
2459                                  "description" : "Enable ebtables rules cluster wide.",
2460                                  "optional" : 1,
2461                                  "type" : "boolean"
2462                               },
2463                               "enable" : {
2464                                  "description" : "Enable or disable the firewall cluster wide.",
2465                                  "minimum" : 0,
2466                                  "optional" : 1,
2467                                  "type" : "integer"
2468                               },
2469                               "log_ratelimit" : {
2470                                  "description" : "Log ratelimiting settings",
2471                                  "format" : {
2472                                     "burst" : {
2473                                        "default" : 5,
2474                                        "description" : "Inital burst of packages which will get logged",
2475                                        "minimum" : 0,
2476                                        "optional" : 1,
2477                                        "type" : "integer"
2478                                     },
2479                                     "enable" : {
2480                                        "default" : "1",
2481                                        "default_key" : 1,
2482                                        "description" : "Enable or disable log rate limiting",
2483                                        "type" : "boolean"
2484                                     },
2485                                     "rate" : {
2486                                        "default" : "1/second",
2487                                        "description" : "Frequency with which the burst bucket gets refilled",
2488                                        "format_description" : "rate",
2489                                        "optional" : 1,
2490                                        "pattern" : "[1-9][0-9]*\\/(second|minute|hour|day)",
2491                                        "type" : "string"
2492                                     }
2493                                  },
2494                                  "optional" : 1,
2495                                  "type" : "string"
2496                               },
2497                               "policy_in" : {
2498                                  "description" : "Input policy.",
2499                                  "enum" : [
2500                                     "ACCEPT",
2501                                     "REJECT",
2502                                     "DROP"
2503                                  ],
2504                                  "optional" : 1,
2505                                  "type" : "string"
2506                               },
2507                               "policy_out" : {
2508                                  "description" : "Output policy.",
2509                                  "enum" : [
2510                                     "ACCEPT",
2511                                     "REJECT",
2512                                     "DROP"
2513                                  ],
2514                                  "optional" : 1,
2515                                  "type" : "string"
2516                               }
2517                            },
2518                            "type" : "object"
2519                         }
2520                      },
2521                      "PUT" : {
2522                         "description" : "Set Firewall options.",
2523                         "method" : "PUT",
2524                         "name" : "set_options",
2525                         "parameters" : {
2526                            "additionalProperties" : 0,
2527                            "properties" : {
2528                               "delete" : {
2529                                  "description" : "A list of settings you want to delete.",
2530                                  "format" : "pve-configid-list",
2531                                  "optional" : 1,
2532                                  "type" : "string",
2533                                  "typetext" : "<string>"
2534                               },
2535                               "digest" : {
2536                                  "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2537                                  "maxLength" : 40,
2538                                  "optional" : 1,
2539                                  "type" : "string",
2540                                  "typetext" : "<string>"
2541                               },
2542                               "ebtables" : {
2543                                  "default" : 1,
2544                                  "description" : "Enable ebtables rules cluster wide.",
2545                                  "optional" : 1,
2546                                  "type" : "boolean",
2547                                  "typetext" : "<boolean>"
2548                               },
2549                               "enable" : {
2550                                  "description" : "Enable or disable the firewall cluster wide.",
2551                                  "minimum" : 0,
2552                                  "optional" : 1,
2553                                  "type" : "integer",
2554                                  "typetext" : "<integer> (0 - N)"
2555                               },
2556                               "log_ratelimit" : {
2557                                  "description" : "Log ratelimiting settings",
2558                                  "format" : {
2559                                     "burst" : {
2560                                        "default" : 5,
2561                                        "description" : "Inital burst of packages which will get logged",
2562                                        "minimum" : 0,
2563                                        "optional" : 1,
2564                                        "type" : "integer"
2565                                     },
2566                                     "enable" : {
2567                                        "default" : "1",
2568                                        "default_key" : 1,
2569                                        "description" : "Enable or disable log rate limiting",
2570                                        "type" : "boolean"
2571                                     },
2572                                     "rate" : {
2573                                        "default" : "1/second",
2574                                        "description" : "Frequency with which the burst bucket gets refilled",
2575                                        "format_description" : "rate",
2576                                        "optional" : 1,
2577                                        "pattern" : "[1-9][0-9]*\\/(second|minute|hour|day)",
2578                                        "type" : "string"
2579                                     }
2580                                  },
2581                                  "optional" : 1,
2582                                  "type" : "string",
2583                                  "typetext" : "[enable=]<1|0> [,burst=<integer>] [,rate=<rate>]"
2584                               },
2585                       &nbs