A REST API developed with FastAPI for managing network routes on a Linux machine using the ip command. It allows you to query active routes, create new routes, and delete existing routes, with token-based authentication and persistence of scheduled routes to ensure their availability even after service restarts.
- Features
- Prerequisites
- Installation
- Usage
- API Documentation
- Logging
- Security Considerations
- Contributing
- License
- Query Active Routes: Retrieve all active network routes on the Linux machine.
- Create Routes: Add new routes with options to schedule their creation and deletion.
- Delete Routes: Remove existing routes and unschedule their deletion.
- Authentication: Protect endpoints using a Bearer token for authentication.
- Persistence: Store scheduled routes in a SQLite database to ensure they are reloaded after service restarts.
- systemd Service: Integrate with systemd to run the API as a system service.
- Logging: Detailed logging of operations and errors for monitoring and debugging.
- OpenAPI Documentation: An
openapi.yamlfile describing the API specifications.
- Operating System: Linux
- Python: Version 3.7 or higher
- Permissions: Superuser permissions to manage network routes and configure systemd services.
Clone this repository to your local machine:
git https://github.com/6G-SANDBOX/route-manager-api
cd route-manager-apiIt's recommended to use a virtual environment to manage the project's dependencies.
python3 -m venv routemgr
source routemgr/bin/activateInstall all necessary dependencies using the requirements.txt file:
pip install -r requirements.txtContents of requirements.txt:
fastapi==0.112.2
uvicorn==0.30.6
pydantic==2.8.2
apscheduler==3.10.4
SQLAlchemy==2.0.32
The project uses SQLite to persist scheduled routes. The database is created automatically when you start the application. No additional configuration is required.
To run the API as a system service, create a systemd unit file.
Create a file named route-manager.service in /etc/systemd/system/:
sudo nano /etc/systemd/system/route-manager.serviceReplace /path/to/your/app with the directory where your main.py file is located:
[Unit]
Description=Route Manager Service
After=network.target
[Service]
Type=simple
User=root
Group=root
WorkingDirectory=/path/to/your/app
ExecStart=/usr/bin/python3 main.py
Restart=on-failure
RestartSec=10s
Environment=PYTHONUNBUFFERED=1
[Install]
WantedBy=multi-user.targetNote: Ensure that the user and group (root in this case) have the appropriate permissions for the application directory.
sudo systemctl daemon-reload
sudo systemctl enable route-manager.service
sudo systemctl start route-manager.servicesudo systemctl status route-manager.serviceYou should see that the service is active and running. If there are any errors, they will appear in the output of this command.
The API offers the following endpoints:
- GET /routes: Retrieve all active routes.
- POST /routes: Schedule the creation of a new route.
- DELETE /routes: Delete an existing route and remove its schedule.
curl -X GET "http://localhost:8172/routes" \
-H "Authorization: Bearer this_is_something_secret" \
-H "Accept: application/json"Successful Response:
{
"routes": [
"default via 192.168.1.1 dev eth0",
"192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100"
]
}curl -X POST "http://localhost:8172/routes" \
-H "Authorization: Bearer this_is_something_secret" \
-H "Content-Type: application/json" \
-d '{
"destination": "192.168.20.0/24",
"gateway": "192.168.2.1",
"interface": "eth0",
"create_at": "2024-10-10T12:00:00",
"delete_at": "2024-10-10T18:00:00"
}'Successful Response:
{
"message": "Route scheduled successfully"
}curl -X DELETE "http://localhost:8172/routes" \
-H "Authorization: Bearer this_is_something_secret" \
-H "Content-Type: application/json" \
-d '{
"destination": "192.168.2.0/24",
"gateway": "192.168.2.1",
"interface": "eth0"
}'Successful Response:
{
"message": "Route deleted and removed from schedule"
}Response When Route Not Found:
{
"detail": "Route not found"
}FastAPI automatically generates interactive API documentation accessible at:
- Swagger UI: http://localhost:8172/docs
- Redoc: http://localhost:8172/redoc
Additionally, an openapi.yaml file is provided that describes the OpenAPI specification of the API.
Open your browser and visit http://localhost:8000/8172 to interact with the API through the Swagger UI interface.
The application logs detailed information about its operations and errors using Python's standard logging module. Logs include:
- Executed commands and their outputs.
- Route existence checks.
- Route creation and deletion operations.
- Database interactions.
- Authentication events.
By default, logs are displayed in the console where the service is running. To redirect logs to a file, modify the logging configuration in main.py:
logging.basicConfig(
filename='app.log',
level=logging.INFO,
format="%(asctime)s - %(levelname)s - %(message)s"
)- Authentication Token: The API uses a static token for Bearer authentication. Ensure you protect this token and change it to a secure value before deploying to production.
- Input Validation: While
pydanticis used for data validation, consider implementing additional security measures as needed for your environment.
This project is licensed under the MIT License. See the LICENSE file for more details.
Note: This project is designed for Linux environments with appropriate permissions to manage network routes. Ensure you understand the commands and configurations used before deploying to a production environment.