System Configuration
System component configuration is under the top level system
object in /etc/flockd/flockd.json
"system": {
"api": {}
}
The system
JSON object must exist, and the child api
object must exist but can be empty.
Netlink Receive API Configuration
The Netlink Receive API listens for Netlink events generated by the Linux Kernel. The API listens to NETLINK_ROUTE
events, which include:
- Interface add, update or delete
- IP address add or delete
- Kernel route add or delete
The Netlink Receive API is configured using the netlink_recv
JSON object. The netlink_recv
object is optional. If the object is not specified or if the object value is set to false
the Netlink Receive API will not be started.
"system": {
"api": {
"netlink_recv": true,
}
},
Operations REST API Configuration
The Operations REST API is used to view flockd internal state. It is a 'read only' API. By design state can be viewed but cannot be changed using this API.
The Operations REST API is configured using the rest_api
JSON object. The rest_api
object is optional. If the object is not specified the Operations REST API will not be started.
This configuration will bind to all local IPv6 addresses.
"system": {
"api": {
"rest": {
"bind_ip_addr": "::"
}
}
},
This configuration will bind to only the loopback IPv6 address. The Operations REST API will not be available from outside of the router.
"system": {
"api": {
"rest": {
"bind_ip_addr": "::1"
}
}
},
By default a Linux host will operate as an IPv4/IPv6 dual stack node, meaning IPv4 requests will be serviced. If you only want to service IPv6 requests please see Bind IPv6 Only
This configuration will bind to all local IPv4 addresses.
"system": {
"api": {
"rest": {
"bind_ip_addr": "0.0.0.0"
}
}
},
This configuration will bind to only the loopback IPv4 address. The Operations REST API will not be available from outside of the router.
"system": {
"api": {
"rest": {
"bind_ip_addr": "127.0.0.1"
}
}
},
Filtering interfaces in system component
System component receives interfaces from the Linux kernel. Interfaces not used by any routing component can be filtered out at the system component level by using intf_denylist
JSON object.
This configuration will ignore interface eth0
and all interfaces starting with en
:
"system": {
...
"intf_denylist": [
# Specify the entire interface name i.e. "eth0"
# or use ^ to match the start of interface names
# e.g. "^en" will match all interfaces that start with "en"
# Multiple interface names and patterns can be used
"eth0",
"^en"
]
},
The intf_denylist
object is optional. If it is not specified, all interfaces present in kernel will also be present in system component.
The filtered out interfaces will not be present in the flockc system -i
command output.