OX Abuse Shield (Wforce) (2.4.1)

Download OpenAPI specification:Download

License: GPL3

An API to the wforce daemon to prevent brute-force and abuse of mail systems

addBLEntry

post /?command=addBLEntry
http://doesnotexist.open-xchange.com/?command=addBLEntry

Add a blacklist entry for an IP and/or login. Note that netmask and ip parameters are mutually exclusive.

Request Body schema: application/json

Provide IP and/or login

expire_secs
integer
ip
string
login
string
netmask
string
reason
string

Responses

200

addBLEntry response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "expire_secs": 3600,
  • "ip": "127.0.0.1",
  • "netmask": "2001:503:ba3e::/64",
  • "reason": "Is there ever a good reason"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "status": "ok"
}

addSibling

post /?command=addSibling
http://doesnotexist.open-xchange.com/?command=addSibling

This is a request to add a new Sibling for replication purposes.

Request Body schema: application/json

Details about the Sibling to add

encryption_key
string
sibling_host
required
string
sibling_port
required
integer
sibling_protocol
string
Enum: "tcp" "udp"

Responses

200

addSibling response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "encryption_key": "string",
  • "sibling_host": "string",
  • "sibling_port": 0,
  • "sibling_protocol": "tcp"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "status": "ok"
}

addWLEntry

post /?command=addWLEntry
http://doesnotexist.open-xchange.com/?command=addWLEntry

Add a whitelist entry for an IP and/or login. Note that netmask and ip parameters are mutually exclusive.

Request Body schema: application/json

Provide IP and/or login

expire_secs
integer
ip
string
login
string
netmask
string
reason
string

Responses

200

addWLEntry response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "expire_secs": 3600,
  • "ip": "127.0.0.1",
  • "netmask": "2001:503:ba3e::/64",
  • "reason": "Is there ever a good reason"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "status": "ok"
}

allow

post /?command=allow
http://doesnotexist.open-xchange.com/?command=allow

Query whether a login should be allowed

Request Body schema: application/json

Login Tuple for allow command

attrs
object (LTAttrs)
device_id
string
login
required
string
protocol
string
Enum: "http" "imap" "pop" "smtp" "mobileapi"
pwhash
required
string
remote
required
string
tls
boolean

Responses

200

allow response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "attrs":
    {
    },
  • "login": "joe.bloggs",
  • "protocol": "http",
  • "pwhash": "cc04",
  • "remote": "192.168.1.2",
  • "success": true,
  • "tls": true
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "msg": "string",
  • "r_attrs":
    {
    },
  • "status": 0
}

customEndpoint

post /?command=customEndpoint
http://doesnotexist.open-xchange.com/?command=customEndpoint

Extensible mechanism allows custom REST endpoints to be defined - this is an example

Request Body schema: application/json

Arguments to custom REST endpoint

attrs
required
object (LTAttrs)

Responses

200

custom endpoint response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "attrs":
    {
    }
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "r_attrs":
    {
    },
  • "success": true
}

delBLEntry

post /?command=delBLEntry
http://doesnotexist.open-xchange.com/?command=delBLEntry

Delete a blacklist entry for an IP and/or login. Note that netmask and ip parameters are mutually exclusive.

Request Body schema: application/json

Provide IP and/or login

ip
string
login
string
netmask
string

Responses

200

delBLEntry response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "ip": "127.0.0.1",
  • "netmask": "2001:503:ba3e/64"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "status": "ok"
}

delWLEntry

post /?command=delWLEntry
http://doesnotexist.open-xchange.com/?command=delWLEntry

Delete a whitelist entry for an IP and/or login. Note that netmask and ip parameters are mutually exclusive.

Request Body schema: application/json

Provide IP and/or login

ip
string
login
string
netmask
string

Responses

200

delWLEntry response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "ip": "127.0.0.1",
  • "netmask": "2001:503:ba3e/64"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "status": "ok"
}

dumpEntries

post /?command=dumpEntries
http://doesnotexist.open-xchange.com/?command=dumpEntries

This is a request to dump StatsDB entries (consisting of the values of each of the time windows for each field) to a specified IP address and port over TCP.

Request Body schema: application/json

The ip and port to dump to

dump_host
required
string
dump_port
required
integer

Responses

200

dumpEntries response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "dump_host": "string",
  • "dump_port": 0
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "status": "ok"
}

getBL

get /?command=getBL
http://doesnotexist.open-xchange.com/?command=getBL

Get the list of all blacklisted IPs and/or Logins

Responses

200

getBL response

default

unexpected error

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "bl_entries":
    [
    ]
}

getDBStats

post /?command=getDBStats
http://doesnotexist.open-xchange.com/?command=getDBStats

Get the db stats for an IP and/or login

Request Body schema: application/json

Provide IP and/or login

ip
string
login
string

Responses

200

getDBStats response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "ip": "127.0.0.1"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "bl_expire": "string",
  • "bl_reason": "string",
  • "blacklisted": true,
  • "key_name": "string",
  • "stats":
    {
    },
  • "whitelisted": true,
  • "wl_expire": "string",
  • "wl_reason": "string"
}

getWL

get /?command=getWL
http://doesnotexist.open-xchange.com/?command=getWL

Get the list of all whitelisted IPs and/or Logins

Responses

200

getWL response

default

unexpected error

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "bl_entries":
    [
    ]
}

ping

get /?command=ping
http://doesnotexist.open-xchange.com/?command=ping

Ping the server to ensure it is operational

Responses

200

ping response

default

unexpected error

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "status": "ok"
}

removeSibling

post /?command=removeSibling
http://doesnotexist.open-xchange.com/?command=removeSibling

This is a request to add remove a Sibling for replication purposes.

Request Body schema: application/json

Details about the Sibling to remove

sibling_host
required
string
sibling_port
required
integer

Responses

200

removeSibling response

default

unexpected error

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "sibling_host": "string",
  • "sibling_port": 0
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "status": "ok"
}

report

post /?command=report
http://doesnotexist.open-xchange.com/?command=report

Creates a new report about a login (successful or unsuccessful)

Request Body schema: application/json

Login Tuple for report command

attrs
object (LTAttrs)
device_id
string
login
required
string
policy_reject
boolean
protocol
string
Enum: "http" "imap" "pop3" "smtp" "mobileapi"
pwhash
required
string
remote
required
string
success
required
boolean
tls
boolean

Responses

200

report response

default

unexpected error

Request samples