NAT¶
With the nat API you control port forwarding on your network
NAT Errors¶
When attempting to access the LAN API, you may encounter the following errors:
| error_code | Description |
|---|---|
| noent | Invalid id |
| internal_error | Internal error |
| exist | Conflict with an existing redirection |
Dmz Config¶
Dmz config has the following attributes:
Dmz Config API¶
Get the current Dmz configuration¶
Update the current Dmz configuration¶
-
PUT/api/v4/fw/dmz/¶ Update the current
LanConfigExample request:
PUT /api/v4/lan/config/ HTTP/1.1 Host: mafreebox.freebox.fr { "enabled": true, "ip": "192.168.1.42" }
Example response:
HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8
{ "success": true, "result": { "enabled": true, "ip": "192.168.1.42" } }
Port Forwarding¶
Port Forwarding Config¶
Port forwarding config has the following attributes:
-
PortForwardingConfig¶ -
idint¶ forwarding id
-
enabledbool¶ is forwarding enabled
-
ip_protoenum¶ ip_proto Description tcp TCP udp UDP
-
wan_port_startstring¶ forwarding range start
-
wan_port_endint¶ forwarding range end
-
lan_ipstring¶ forwarding target on LAN
-
lan_portint¶ forwarding target start port on LAN, (last port is lan_port + wan_port_end - wan_port_start)
-
hostnamestring Read-only¶ forwarding target host name
-
src_ipstring¶ if src_ip == 0.0.0.0 this rule will apply to any src ip otherwise it will only apply to the specified ip address
-
commentstring¶ comment
-
Port Forwarding API¶
Getting the list of port forwarding¶
-
GET/api/v4/fw/redir/¶ Example request:
GET /api/v4/fw/redir/ HTTP/1.1 Host: mafreebox.freebox.fr
Example response:
HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8
{ "success": true, "result": [ { "enabled": true, "comment": "", "id": 1, "host": { [ ... ] }, "hostname": "android-c5fe44a2c27be1e2", "lan_port": 69, "wan_port_end": 69, "wan_port_start": 69, "lan_ip": "192.168.1.22", "ip_proto": "tcp", "src_ip": "8.8.8.8" }, { "enabled": true, "comment": "", "id": 2, "host": { [ ... ] }, "hostname": "android-c5fe44a2c27be1e2", "lan_port": 1337, "wan_port_end": 1340, "wan_port_start": 1337, "lan_ip": "192.168.1.22", "ip_proto": "udp", "src_ip": "0.0.0.0" } ] }
Getting a specific port forwarding¶
-
GET/api/v4/fw/redir/{redir_id}¶ Returns the requested
PortForwardingConfigpropertiesExample request:
GET /api/v4/fw/redir/1 HTTP/1.1 Host: mafreebox.freebox.fr
Example response:
HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8
{ "success": true, "result": { "enabled": true, "comment": "", "id": 1, "host": { [ ... ] }, "hostname": "android-c5fe44a2c27be1e2", "lan_port": 69, "wan_port_end": 69, "wan_port_start": 69, "lan_ip": "192.168.1.22", "ip_proto": "tcp", "src_ip": "0.0.0.0" } }
Updating a port forwarding¶
-
PUT/api/v4/fw/redir/{redir_id}¶ Update a
PortForwardingConfigpropertiesExample request:
PUT /api/v4/fw/redir/1 HTTP/1.1 Host: mafreebox.freebox.fr { "enabled": false }
Example response:
HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8
{ "success": true, "result": { "enabled": false, "comment": "", "id": 1, "host": { [ ... ] }, "hostname": "android-c5fe44a2c27be1e2", "lan_port": 69, "wan_port_end": 69, "wan_port_start": 69, "lan_ip": "192.168.1.22", "ip_proto": "tcp", "src_ip": "0.0.0.0" } }
Add a port forwarding¶
-
POST/api/v4/fw/redir/¶ Create a
PortForwardingConfigExample request:
POST /api/v4/fw/redir/ HTTP/1.1 Host: mafreebox.freebox.fr
{ "enabled": true, "comment": "test", "lan_port": 4242, "wan_port_end": 4242, "wan_port_start": 4242, "lan_ip": "192.168.1.42", "ip_proto": "tcp", "src_ip": "0.0.0.0" }
Example response:
HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8
{ "success": true, "result": { "enabled": true, "comment": "test", "id": 3, "host": { [ ... ] }, "hostname": "Mac-mini-de-Romain", "lan_port": 4242, "wan_port_end": 4242, "wan_port_start": 4242, "lan_ip": "192.168.1.42", "ip_proto": "tcp", "src_ip": "0.0.0.0" } }
Delete a port forwarding¶
-
DELETE/api/v4/fw/redir/{redir_id}¶ Delete a
PortForwardingConfigExample request:
DELETE /api/v4/fw/redir/3 HTTP/1.1 Host: mafreebox.freebox.fr
Example response:
HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8
{ "success": true }
Incoming port configuration¶
Some services hosted on the Freebox Server need to listen to public ip address port. Incoming port api allow to enable/disable incoming port binding, and select the bind port to prevent conflit with your own nat port forwarding rules.
NOTE: you can’t add or remove incoming ports, this ports are managed by Freebox services.
NOTE: in case of conflict with a nat port forwarding rule, this rule will have a higher priority and override the port forwarding rule.
Incoming port Config¶
Incoming port config has the following attributes:
-
IncomingPortConfig¶ -
idstring Read-only¶ incoming port id
id Description http http port for remote access to Freebox OS https https port for tls remote access to Freebox OS bittorrent-main main bittorrent port for Freebox downloader bittorrent-dht bittorrent port for DHT openvpn_routed routed openvpn port openvpn_bridge bridged openvpn port ipsec_ike ipsec ikev2 vpn port ipsec_nat ipsec nat vpn port pptp pptp vpn server port ftp ftp control port for FTP remote access ftp_pasv ftp data port for FTP remote access
-
enabledbool¶ is the port binding allowed
-
activebool Read-only¶ is the port binding currently active
-
typeenum Read-only¶ ip_proto Description tcp TCP udp UDP tcp_udp both TCP and UDP
-
in_portint¶ binding port
-
netnsstring Read-only¶ network namespace. The service may be running on a different namespace (for instance if the service uses the vpn client).
-
in_portint binding port
-
min_portint Read-only¶ This field indicate the minimum possible value for in_port (see
ConnectionStatusipv4_port_range)
-
max_portint Read-only¶ This field indicate the maximum possible value for in_port (see
ConnectionStatusipv4_port_range)
-
readonlybool Read-only¶ If set to true, the in_port field cannot be changed because of the underlying protocol does not allow it
-
Incoming port API¶
Getting the list of incoming ports¶
-
GET/api/v4/fw/incoming/¶ Example request:
GET /api/v4/fw/incoming/ HTTP/1.1 Host: mafreebox.freebox.fr
Example response:
HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8
{ "success": true, "result": [ { "enabled": false, "type": "tcp", "in_port": 80, "id": "http", "netns": "init", "max_port": 65535, "min_port": 0 }, { "enabled": true, "type": "tcp", "in_port": 17591, "id": "bittorrent-main", "netns": "vpn", "max_port": 65535, "min_port": 0 }, { "enabled": true, "type": "udp", "in_port": 28946, "id": "bittorrent-dht", "netns": "vpn", "max_port": 65535, "min_port": 0 } ] }
Getting a specific incoming port¶
-
GET/api/v4/fw/incoming/{port_id}¶ Returns the requested
IncomingPortConfigpropertiesExample request:
GET /api/v4/fw/incoming/bittorrent-main HTTP/1.1 Host: mafreebox.freebox.fr
Example response:
HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8
{ "success": true, "result": { "enabled": true, "type": "tcp", "in_port": 17591, "id": "bittorrent-main", "netns": "vpn", "max_port": 65535, "min_port": 0 } }
Updating an incoming port¶
-
PUT/api/v4/fw/incoming/{port_id}¶ Update a
IncomingPortConfigpropertiesExample request:
PUT /api/v4/lan/fw/incoming/bittorrent-main HTTP/1.1 Host: mafreebox.freebox.fr { "in_port": 3615 }
Example response:
HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8
{ "success": true, "result": { "enabled": true, "type": "tcp", "in_port": 3615, "id": "bittorrent-main", "netns": "vpn", "max_port": 65535, "min_port": 0 } }