List of WILI-S Keys
From wiliGear wiki
<index>::=1..N
AAA
aaa.status = [enabled|disabled] aaa.baserate = [LAN interface bandwidth in kbps], 3.55+ only. aaa.<index>.status = [enabled|disabled] aaa.<index>.name = [name] aaa.<index>.devname = [interface name] aaa.<index>.nas.<index>.status = [enabled|disabled] aaa.<index>.nas.<index>.profile = [NAS profile name] aaa.<index>.wan.<index>.devname = [interface name] aaa.auth.<index>.status = [enabled|disabled] aaa.auth.<index>.name = [name] aaa.auth.<index>.host = [host name|IP address] aaa.auth.<index>.port = [Port number] aaa.auth.<index>.timeout = [request timeout (in seconds)] aaa.auth.<index>.retry = [number of request retries] aaa.auth.<index>.secret = [Shared secret] aaa.auth.<index>.stripdomain = [enabled|disabled] aaa.auth.<index>.authtype = [PAP|CHAP|MSCHAP|MSCHAPV2] aaa.acct.<index>.status = [enabled|disabled] aaa.acct.<index>.name = [name] aaa.acct.<index>.host = [host name|IP address] aaa.acct.<index>.port = [Port number] aaa.acct.<index>.timeout = [request timeout (in seconds)] aaa.acct.<index>.retry = [number of request retries] aaa.acct.<index>.secret = [Shared secret] aaa.acct.<index>.stripdomain = [enabled|disabled] aaa.domain.<index>;.status = [enabled|disabled] aaa.domain.<index>.name = [name] aaa.domain.<index>.domain = [prefix/postfix] aaa.domain.<index>.auth.<index>.profile = [name] aaa.domain.<index>.acct.<index>.profile = [name] aaa.domain.<index>.acct.mode = [failover|backup] aaa.domain.<index>.default.sessiontimeout = [number] aaa.domain.<index>.default.idletimeout = [number] aaa.domain.<index>.default.maxrxbandwidth = [number] aaa.domain.<index>.default.minrxbandwidth = [number] aaa.domain.<index>.default.maxtxbandwidth = [number] aaa.domain.<index>.default.mintxbandwidth = [number] aaa.domain.<index>.default.interim_update = [number] (!) since 5.02+ aaa.uam.<index>.status = [enabled|disabled] aaa.uam.<index>.name = [name] aaa.uam.<index>.redirecturl = [URL] aaa.uam.<index>.loginurl = [URL] aaa.uam.<index>.statusurl = [URL] aaa.uam.<index>.logoffurl = [URL] aaa.uam.<index>.ipass.status = [enabled|disabled] aaa.uam.<index>.ipass.loginurl = [URL] aaa.uam.<index>.ipass.aborturl = [URL] aaa.uam.<index>.mac_auth.status = [enabled|disabled] (!) since 5.20+ aaa.uam.<index>.mac_auth.user_format = <format> (!) since 5.20+ aaa.uam.<index>.mac_auth.passwd_format = <format> (!) since 5.20+ aaa.uam.<index>.mac_auth.placeholder_case [upper|lower] (!) since 5.20+ aaa.uam.<index>.force_reauth = [enabled|disabled(default)], for WILI-S FW 3.55, 5.0 and up (except 4.0) aaa.radiusproxy.<index>.status = [enabled|disabled] aaa.radiusproxy.<index>.name = [name] aaa.radiusproxy.<index>.auth.port = [1-65536] aaa.radiusproxy.<index>.acct.port = [1-65536] aaa.radiusproxy.<index>.acct.timeout = [0-999999] aaa.security.wep.<index>.status = [enabled|disabled] aaa.security.wep.<index>.name = [name] aaa.security.wep.<index>.keylen.broadcast = [0|5|13] aaa.security.wep.<index>.keylen.unicast = [0|5|13] aaa.security.wep.<index>.rekey.period = [number] aaa.security.wpa.<index>.status = [enabled|disabled] aaa.security.wpa.<index>.name = [name] aaa.security.wpa.<index>.mode = [WPA|WPA2|ALL] aaa.security.wpa.<index>.psk = [hex string] aaa.security.wpa.<index>.passphrase = [ASCII passphrase (8..63 characters)] aaa.security.wpa.<index>.key.method = [PSK|EAP|ALL] aaa.security.wpa.<index>.key.cipher = [TKIP|CCMP|ALL] aaa.security.wpa.<index>.rekey.group.period = [number] aaa.security.wpa.<index>.rekey.gmk.period = [number] aaa.security.wpa.<index>.rsn.preauth.status = [enabled|disabled] aaa.security.wpa.<index>.rsn.preauth.<index>.status = [enabled|disabled] aaa.security.wpa.<index>.rsn.preauth.<index>.devname = [interface name] aaa.nas.<index>.status = [enabled|disabled] aaa.nas.<index>.verbose = [enabled|disabled] aaa.nas.<index>.name = [name] aaa.nas.<index>.identifier = [id] aaa.nas.<index>.devname = [interface name] aaa.nas.<index>.maxclients = [number] aaa.nas.<index>.auth.status = [enabled|disabled] aaa.nas.<index>.auth.<index>.status = [enabled|disabled] aaa.nas.<index>.auth.<index>.type = [ieee802.1x|uam|radiusproxy] aaa.nas.<index>.auth.<index>.reauth.status=[enabled(default)|disabled] (!) for 5.03, aaa.nas.<index>.auth.<index>.reauth.timeout=[reauthetication period in seconds] (!) for 5.03 aaa.nas.<index>.auth.<index>.profile = [name] aaa.nas.<index>.acct.status = [enabled|disabled] aaa.nas.<index>.domain.<index>.status = [enabled|disabled] aaa.nas.<index>.domain.<index>.profile = [name] aaa.nas.<index>.domain.default = [0|1|2|3|...] aaa.nas.<index>.security.type = [none|wep|wpa] aaa.nas.<index>.security.profile = [name] aaa.nas.<index>.properties.location.isocc = [ISO country code] aaa.nas.<index>.properties.location.cc = [E.164 country code] aaa.nas.<index>.properties.location.ac = [E.164 area code] aaa.nas.<index>.properties.location.network = [name] aaa.nas.<index>.properties.operator = [name] aaa.nas.<index>.properties.location = [name] aaa.nas.<index>.dynvlan.status = [enabled|disabled] aaa.nas.<index>.dynvlan.default = [interface name]
White/Black List
access.status = [enabled|disabled] access.verbose = [enabled|disabled] access.<index>.status = [enabled|disabled] access.<index>.devname = [interface name] access.<index>.update.period = [integer value] access.<index>.resolv.period = [integer value] access.<index>.whitelist.<index>.status = [enabled|disabled] access.<index>.whitelist.<index>.url = [URL] access.<index>.whitelist.<index>.descr = [optional description] access.<index>.whitelist.<index>.host = [host name or ip address] access.<index>.whitelist.<index>.mask = [optional netmask] access.<index>.whitelist.<index>.port.from = [TCP or UDP port] access.<index>.whitelist.<index>.port.to = [TCP or UDP port] access.<index>.whitelist.<index>.proto = [IP protocol number] access.<index>.whitelist.location.<index>.status = [enabled|disabled] access.<index>.whitelist.location.<index>.url = [optional ftp or http URL] access.<index>.blacklist.<index>.status = [enabled|disabled] access.<index>.blacklist.<index>.url = [URL] access.<index>.blacklist.<index>.descr = [optional description] access.<index>.blacklist.<index>.host = [host or ip address] access.<index>.blacklist.<index>.netmask = [optional netmask] access.<index>.blacklist.<index>.port.from = [TCP or UDP port] access.<index>.blacklist.<index>.port.to = [TCP or UDP port] access.<index>.blacklist.<index>.proto = [IP protocol number] access.<index>.blacklist.location.<index>.status = [enabled|disabled] access.<index>.blacklist.location.<index>.url = [optional ftp or http URL]
AutoLock WLAN
autolock.status = [enabled|disabled] autolock.interval = [integer value in seconds] autolock.retry_count = [integer value] autolock.verbose = [enabled|disabled] autolock.<index>.status = [enabled|disabled] autolock.<index>.server = [IP address] autolock.lock.action = [none|down|up|kick|reboot]. autolock.unlock.action = [none|down|up|kick|reboot]. autolock.control.X.status = [enabled|disabled]. autolock.control.X.devname = [interface name].
Bridge
bridge.status = [enabled|disabled] bridge.<index>.status = [enabled|disabled] bridge.<index>.devname = [bridge name] bridge.<index>.ageing = [0 - 65535] bridge.<index>.priority = [0 - 65535] bridge.<index>.fd = [0 - 65535] bridge.<index>.hello = [0 - 65535] bridge.<index>.maxage = [0 - 65535] bridge.<index>.stp.status = [enabled|disabled] bridge.<index>.port.<index>.status = [enabled|disabled] bridge.<index>.port.<index>.devname - [port name] bridge.<index>.port.<index>.path.cost - [0 - 65535] bridge.<index>.port.<index>.priority - [0 - 255] bridge.arptables=[enabled|disabled] bridge.iptables=[enabled|disabled] bridge.ip6tables=[enabled|disabled] bridge.vlan=[enabled|disabled]
Bandwidth Control
bandwidth.status=[enabled,disabled(default)] bandwidth.manual=[enabled|disabled(default)] - enable manual editing of configuration file. Sysconf do not overwrites configuration file on device reload. bandwidth.<index>.up.dev=[device for traffic upload] bandwidth.<index>.up.speed=[speed in kbps] bandwidth.<index>.down.dev=[device for traffic download] bandwidth.<index>.down.speed=[speed in kbps] bandwidth.<index>.devname=[device for traffic limitation] bandwidth.<index>.speed=[speed in kbps] bandwidth.<index>.ip=[IP address] bandwidth.<index>.pps=[packet per second [optional]]
Manual Clock Regulation
date.status = [enabled|disabled] date.manual = MMDDhhmmYYYY.SS date.lastknowntime.status = [enabled|disabled] date.timezone = [timezone]
Discovery
discoveryd.status = <enabled|disabled>
DHCP Relay
dhcp-fwd.status = [enabled|disabled] dhcp-fwd.server.<index>.status = [enabled|disabled] dhcp-fwd.server.<index>.devname = [interface] dhcp-fwd.server.<index>.ip = [ip address or bcast] dhcp-fwd.client.<index>.status = [enabled|disabled] dhcp-fwd.client.<index>.devname = [interface] dhcp-fwd.client.<index>.circuit_id = [identifier]
DHCP Client
dhcpc.status = [enabled|disabled] dhcpc.background = [enabled|disabled] dhcpc.<index>.status = [enabled|disabled] dhcpc.<index>.devname = [interface name]
DHCP Server
dhcpd.status = [enabled|disabled] dhcpd.<index>.status = [enabled|disabled] dhcpd.<index>.devname = [the interface to listen on, e.g. eth0] dhcpd.<index>.start = [starting address of the IP lease block] dhcpd.<index>.end = [ending address of the IP lease block] dhcpd.<index>.gateway = [router address] dhcpd.<index>.netmask = [subnet address] dhcpd.<index>.dns.<index>.status = [enabled|disabled] dhcpd.<index>.dns.<index>.server = [primary DNS server] dhcpd.<index>.lease_time = [lease time in seconds] dhcpd.<index>.wins = [WINS address] dhcpd.<index>.domain = [domain]
DNS
resolv.status = [enabled|disabled] resolv.nameserver.<index>.status = [enabled|disabled] resolv.nameserver.<index>.ip = [ip address] resolv.search.<index>.status = [enabled|disabled] resolv.search.<index>.domain = [domain to use] resolv.host.<index>.status = [enabled|disabled] resolv.host.<index>.ip = [ip address] resolv.host.<index>.name = [canonical hostname] resolv.host.<index>.alias.<index>.status = [enabled|disabled] resolv.host.<index>.alias.<index>.name = [aliases provide for name changes]
DNS Forwarder
dnsmasq.status = [enabled|disabled] dnsmasq.<index>.status = [enabled|disabled] dnsmasq.<index>.devname = [Input interface]
Dynamic DNS
inadyn.status = [enabled|disabled(default)] since 5.22 and up inadyn.username = [username, optional] inadyn.password = [password, optional] inadyn.alias.<index>.value = [host name alias, for example system.dyndns.org] inadyn.update_period = [update period in seconds, optional, max is 10 days = 10 * 24 * 3600, default ~60 sec.] inadyn.system= [DYNDNS service type, default is dyndns@dyndns.org, see PDD for more info]
Bridging Firewall (ebtables)
ebtables.status = [enabled|disabled] ebtables.chain.<index>.status = [enabled|disabled] ebtables.chain.<index>.name = [chain-name] ebtables.chain.<index>.table = [filter, nat, broute] ebtables.chain.<index>.parent = [parent chain name] ebtables.rule.<index>.status = [enabled|disabled] ebtables.rule.<index>.table = [table-name] ebtables.rule.<index>.chain = [chain-name] ebtables.rule.<index>.index = [rule index within chain] ebtables.rule.<index>.target = [ACCEPT, DROP, CONTINUE, RETURN, target extension] ebtables.rule.<index>.protocol = [hexadecimal number, name from /etc/ethertypes, LENGTH] ebtables.rule.<index>.protocol.inverse = [enabled|disabled] ebtables.rule.<index>.src = [MAC address[/mask], Unicast, Multicast, Broadcast, BGA] ebtables.rule.<index>.src.inverse = [enabled|disabled] ebtables.rule.<index>.dst = [MAC address[/mask], Unicast, Multicast, Broadcast, BGA] ebtables.rule.<index>.dst.inverse = [enabled|disabled] ebtables.rule.<index>.in = [interface name] ebtables.rule.<index>.in.inverse = [enabled|disabled] ebtables.rule.<index>.out = [interface name] ebtables.rule.<index>.out.inverse = [enabled|disabled] ebtables.rule.<index>.lin = [interface name] ebtables.rule.<index>.lin.inverse = [enabled|disabled] ebtables.rule.<index>.lout = [interface name] ebtables.rule.<index>.lout.inverse = [enabled|disabled] ebtables.rule.<index>.802_3.sap = [hexadecimal number] ebtables.rule.<index>.802_3.sap.inverse = [enabled|disabled] ebtables.rule.<index>.802_3.type = [hexadecimal number] ebtables.rule.<index>.802_3.type.inverse = [enabled|disabled] ebtables.rule.<index>.arp.opcode = [opcode] ebtables.rule.<index>.arp.htype = [hardware type] ebtables.rule.<index>.arp.ptype = [protocol type] ebtables.rule.<index>.arp.ip_src = [address[/mask]] ebtables.rule.<index>.arp.ip_dst = [address[/mask]] ebtables.rule.<index>.arp.mac_src = [address[/mask]] ebtables.rule.<index>.arp.mac_dst = [address[/mask]] ebtables.rule.<index>.ip.source = [address[/mask]] ebtables.rule.<index>.ip.destination = [address[/mask]] ebtables.rule.<index>.ip.tos = [tos] ebtables.rule.<index>.ip.protocol = [protocol] ebtables.rule.<index>.ip.source_port = port[:port] ebtables.rule.<index>.ip.destination_port = port[:port] ebtables.rule.<index>.mark = [value][/mask] ebtables.rule.<index>.mark.inverse = [enabled|disabled] ebtables.rule.<index>.pkttype = [type] ebtables.rule.<index>.pkttype.inverse = [enabled|disabled] ebtables.rule.<index>.stp.type = [type] ebtables.rule.<index>.stp.flags = [flag] ebtables.rule.<index>.stp.root_prio = [prio][:prio] ebtables.rule.<index>.stp.root_addr = [address][/mask] ebtables.rule.<index>.stp.root_cost = [cost][:cost] ebtables.rule.<index>.stp.sender_prio = [prio][:prio] ebtables.rule.<index>.stp.sender_addr = [address][/mask] ebtables.rule.<index>.stp.port = [port][:port] ebtables.rule.<index>.stp.msg_age = [age][:age] ebtables.rule.<index>.stp.max_age = [age][:age] ebtables.rule.<index>.stp.hello_time = [time][:time] ebtables.rule.<index>.stp.forward_delay = [delay][:delay] ebtables.rule.<index>.vlan.id = [vid] ebtables.rule.<index>.vlan.prio = [prio] ebtables.rule.<index>.vlan.encap = [type] ebtables.rule.<index>.log = [enabled|disabled] ebtables.rule.<index>.log.level = [level] ebtables.rule.<index>.log.prefix = [text] ebtables.rule.<index>.log.ip = [enabled|disabled] ebtables.rule.<index>.log.arp = [enabled|disabled] ebtables.rule.<index>.t.arpreply.mac = [mac address] ebtables.rule.<index>.t.arpreply.target = [target] ebtables.rule.<index>.t.to_destination = [address] ebtables.rule.<index>.t.dnat_target = [target] ebtables.rule.<index>.t.set_mark = [value] ebtables.rule.<index>.t.mark_target = [target] ebtables.rule.<index>.t.redirect_target = [target] ebtables.rule.<index>.t.to_source = [address] ebtables.rule.<index>.t.snat_target = [target] ebtables.rule.<index>.t.arpnat_target = [target] ebtables.< table-name>.<chain-name>.policy = [ACCEPT, DROP, RETURN] ebtables.arpnat.expiration = [seconds] Default: 25200 s ebtables.arpnat.debug = [enabled|disabled] Default: disabled ebtables.arpnat.bootpnat = [enabled|disabled|relay] Default: enabled ebtables.arpnat.pppoenat = [enabled|disabled] Default: enabled
IP Firewall (iptables)
firewall.status = [enabled|disabled] firewall.chain.<index>.status = [enabled|disabled] firewall.chain.<index>.name = [chain-name] firewall.chain.<index>.table = [nat, mangle, filter] firewall.chain.<index>.parent = [parent chain-name] firewall.rule.<index>.status = [enabled|disabled] firewall.rule.<index>.table = [table-name] firewall.rule.<index>.chain = [chain-name] firewall.rule.<index>.index = [rule index within chain] firewall.rule.<index>.protocol = [TCP, UDP, ICMP, ALL, name from /etc/protocols , integer value] firewall.rule.<index>.protocol.inverse = [enabled|disabled] firewall.rule.<index>.src = [ip address] firewall.rule.<index>.src.inverse = [enabled|disabled] firewall.rule.<index>.src = [ip address] firewall.rule.<index>.src.inverse = [enabled|disabled] firewall.rule.<index>.dst = [ip address] firewall.rule.<index>.dst.inverse = [enabled|disabled] firewall.rule.<index>.in = [interface name] firewall.rule.<index>.in.inverse = [enabled|disabled] firewall.rule.<index>.out = [interface name] firewall.rule.<index>.out.inverse = [enabled|disabled] firewall.rule.<index>.sport = [port or port range] firewall.rule.<index>.sport.inverse = [enabled|disabled] firewall.rule.<index>.dport = [port or port range] firewall.rule.<index>.dport.inverse = [enabled|disabled] firewall.rule.<index>.tcpflags = [SYN, ACK, FIN, RST, URG, PSH, ALL, NONE] [SYN, ACK, FIN, RST, URG, PSH, ALL, NONE] firewall.rule.<index>.tcpflags.inverse = [enabled|disabled] firewall.rule.<index>.tcpoption = [integer] firewall.rule.<index>.tcpoption.inverse = [enabled|disabled] firewall.rule.<index>.icmp.type = [ICMP type] firewall.rule.<index>.icmp.type.inverse = [enabled|disabled] firewall.rule.<index>.limit = [integer/[second, minute, hour, day]] firewall.rule.<index>.limit.burst = [integer/[second/minute/hour/day]] firewall.rule.<index>.mac = [mac address] firewall.rule.<index>.mac.inverse = [enabled|disabled] firewall.rule.<index>.mark = [unsigned integer] firewall.rule.<index>.multiport.sport = [comma separated ports list] firewall.rule.<index>.multiport.dport = [comma separated ports list] firewall.rule.<index>.multiport.port = [comma separated ports list] firewall.rule.<index>.uid.owner = [user ID] firewall.rule.<index>.gid.owner = [group ID] firewall.rule.<index>.pid.owner = [process ID] firewall.rule.<index>.sid.owner = [session ID] firewall.rule.<index>.state = [INVALID, ESTABLISHED, NEW, RELATED] firewall.rule.<index>.tos = [hex or numeric value] firewall.rule.<index>.ttl = [numeric value] firewall.rule.<index>.unclean = [enabled|disabled] firewall.rule.<index>.ipp2p.status=[enabled, disabled] firewall.rule.<index>.ipp2p=[enabled, disabled] firewall.rule.<index>.ipp2p.edk=[enabled, disabled] firewall.rule.<index>.ipp2p.dc=[enabled, disabled] firewall.rule.<index>.ipp2p.kazaa=[enabled, disabled] firewall.rule.<index>.ipp2p.gnu=[enabled, disabled] firewall.rule.<index>.ipp2p.bit=[enabled, disabled] firewall.rule.<index>.ipp2p.apple=[enabled, disabled] firewall.rule.<index>.ipp2p.winmx=[enabled, disabled] firewall.rule.<index>.ipp2p.soul=[enabled, disabled] firewall.rule.<index>.ipp2p.ares=[enabled, disabled] firewall.rule.<index>.acct.in = [interface name] firewall.rule.<index>.acct.in.inverse = [enabled|disabled] firewall.rule.<index>.acct.out = [interface name] firewall.rule.<index>.acct.out.inverse = [enabled|disabled] firewall.rule.<index>.auth = [auth (authenticated, default), not-auth (not authenticated)] firewall.rule.<index>.auth.in = [interface name] firewall.rule.<index>.auth.in.inverse = [enabled|disabled] firewall.rule.<index>.auth.out = [interface name] firewall.rule.<index>.auth.out.inverse = [enabled|disabled] firewall.rule.<index>.list = [white,black] firewall.rule.<index>.target = [chain-name] firewall.rule.<index>.t.dnat.dst = [IP address or IP address range] firewall.rule.<index>.t.dnat.Y.status = [enabled|disabled] firewall.rule.<index>.t.dnat.Y.dst = [IP address] firewall.rule.<index>.t.log.level = [emerg, alert, crit, err, warning, notice, info, debug] firewall.rule.<index>.t.log.prefix = [alphanumeric log prefix] firewall.rule.<index>.t.log.tcp.sequence = [enabled|disabled] firewall.rule.<index>.t.log.tcp.options = [enabled|disabled] firewall.rule.<index>.t.log.ip.options = [enabled|disabled] firewall.rule.<index>.t.mark = [integer] firewall.rule.<index>.t.masq.ports = [port or ports range] firewall.rule.<index>.t.redirect.port = [port or ports range] firewall.rule.<index>.t.reject.with = [icmp-net-unreachable, icmp-host-unreachable, icmp-port-unreachable, icmp-proto-unreachable, icmp-net-prohibited, icmp-host-prohibited] firewall.rule.<index>.t.snat.source = [IP address or IP address range] firewall.rule.<index>.t.tos = [hex or decimal value] firewall.rule.<index>.t.ttl.set = [TTL value, e.g. 64] firewall.rule.<index>.t.ttl.dec = [unsigned integer] firewall.rule.<index>.t.ttl.inc = [unsigned integer] firewall.rule.<index>.t.gg.nlgroup = [netlink group, unsigned integer] firewall.rule.<index>.t.ulog.prefix = [alphanumeric prefix] firewall.rule.<index>.t.ulog.cprange = [unsigned int, how many bytes of packet to send] firewall.rule.<index>.t.ulog.qthreshold = [unsigned integer, how many packets to queue before sending] firewall.rule.<index>.cmd = [iptables command parameters] firewall.< table-name>.<chain-name>.policy = [ACCEPT, DROP, RETURN]
Forker Daemon
forker.status = [enabled|disabled] forker.verbose = [enabled|disabled]
HTTP(S) Server
httpd.status = [enabled|disabled] httpd.port.http = [TCP port] httpd.port.https = [TCP port] httpd.port.admin = [TCP port] httpd.certificate.file = [path to the server certificate file required for HTTPS operation] httpd.certificate.key = [path to the key file for the server certificate required for HTTPS operation] httpd.certificate.key.password = [password for the key file encryption] httpd.servername = [host name] httpd.backlog = [maximum pending connections HTTP server accepts] httpd.max.request = [maximum size for POST requests] httpd.max.connections = [maximum requests to be served concurently] httpd.max.idletime = [max session idle time in seconds] httpd.verbose = [enabled|disabled] httpd.external.status = [enabled|disabled] httpd.external.secret = [secret] httpd.wili.configurator.url = [url]
IPSEC
ipsec.status = [enabled|disabled] ipsec.<index>.status = [enabled|disabled] ipsec.<index>.mode = [transport, tunnel] ipsec.<index>.point_src.ip = [ip address] ipsec.<index>.point_dst.ip = [ip address] ipsec.<index>.ah.<direction>.spi = [decimal number, 256-65535] ipsec.<index>.ah.algo = [authentication algorithm] ipsec.<index>.ah.secret = [secret] ipsec.<index>.esp.<direction>.spi = [decimal number, 256-65535] ipsec.<index>.esp.auth.algo = [authentication algorithm] ipsec.<index>.esp.auth.secret = [secret] ipsec.<index>.esp.enc.algo = [encryption algorithm] ipsec.<index>.esp.enc.secret = [secret] ipsec.<index>.ipcomp.<direction>.spi = [decimal number, 256-65535] ipsec.<index>.ipcomp.compression = [deflate, oui, lzs] ipsec.<index>.spd.<index>.status = [enabled|disabled] ipsec.<index>.spd.<index>.src.ip = [ip address] ipsec.<index>.spd.<index>.src.netmask = [netmask bitcount, optional] ipsec.<index>.spd.<index>.dst.ip = [ip address] ipsec.<index>.spd.<index>.dst.netmask = [netmask bitcount, optional] ipsec.<index>.spd.<index>.protocol.<index>.status = [enabled|disabled] ipsec.<index>.spd.<index>.protocol.<index>.name = [ah|esp|ipcomp] ipsec.<index>.spd.<index>.protocol.<index>.level = [require|use|default|unique]
IPSEC RACOON
racoon.status = [enabled|disabled] racoon.psk.<index>.status = [enabled|disabled] racoon.psk.<index>.identifier = [ip address] racoon.psk.<index>.secret = [secret]
Mesh
mesh.status = <enabled|disabled> mesh.ssid = <SSID> mesh.ssid.is_hex = <disabled|enabled> mesh.uplink.<index>.status = <enabled(default)|disabled> mesh.uplink.<index>.devname = <interface name> mesh.downlink.<index>.status = <enabled(default)|disabled> mesh.downlink.<index>.devname = <interface name> mesh.downlink.<index>.kill_delay = <delay, in seconds> , (!) since 5.21 release. mesh.pos_weight=[0-255]. mesh.min_rate_weight=[0-255]. mesh.max_tx_load_weight=[0-255]. mesh.min_hop_threshold =[1-100]
System Modules
modules.status=[enabled|disabled] modules.1.status=[enabled|disabled] modules.1.name=[module name] modules.1.arguments=[argument]
Network Interface
netconf.status = [enabled|disabled] netconf.<index>.status = [enabled|disabled] netconf.<index>.devname = [interface name] netconf.<index>.up = [enabled|disabled] netconf.<index>.ip = [IP] netconf.<index>.netmask = [MASK] netconf.<index>.broadcast = [IP] netconf.<index>.alias.status = [enabled|disabled(default)] netconf.<index>.alias.<index>.status = [enabled(default)|disabled] netconf.<index>.alias.<index>.ip = [IP address] netconf.<index>.alias.<index>.ip_range_end = [IP address describing ip range <ip>-<ip_range_end>] netconf.<index>.alias.<index>.netmask = [network mask (dotted)] netconf.<index>.alias.<index>.broadcast = [broadcast IP] netconf.<index>.mcast.status = [enabled|disabled(default)] since 5.22 netconf.<index>.mcast.<index>.lladdress = [multicast link layer address] since 5.22 netconf.<index>.mcast.<index>.address = [multicast IPv4 address, will be remapped by plugin to link layer] since 5.22 netconf.<index>.allmulti = [enabled|disabled(default)] since 5.22 netconf.<index>.mac = [MAC] netconf.<index>.promisc = [enabled|disabled] netconf.<index>.mtu = [MTU size in B] netconf.<index>.autoneg = [enabled(default)|disabled] netconf.<index>.advertise = mask (see pdd) netconf.<index>.speed = 10/100/1000 netconf.<index>.duplex = half/full
NTP Client
ntpd.status = [enabled|disabled] ntpd.<index>.status = [enabled|disabled] ntpd.<index>.server = [IP]
User Authentication
pam.status = [enabled|disabled] pam.<index>.status = [enabled|disabled] pam.<index>.name = [name of the service] pam.<index>.<auth|account|session|password>.<index>.status = [enabled|disabled] pam.<index>.<auth|account|session|password>.<index>.control = [required|requisite|sufficient|optional] pam.<index>.<auth|account|session|password>.<index>.module = [module name]
PPPoE
pppoe.status = [enabled|disabled] pppoe.<index>.status = [enabled|disabled] pppoe.<index>.name = [profile name] pppoe.<index>.devname = [interface name] pppoe.<index>.maxfail = [terminate after n consecutive failed connection attempts, default: 0 (no limit)] pppoe.<index>.user = [name used for authenticating the local system to the peer, optional] pppoe.<index>.password = [the password to use for authenticating to the peer, optional] pppoe.<index>.service_name = [the desired service name, optional] pppoe.<index>.ac_name = [the desired access concentrator name, optional] pppoe.<index>.mtu = [the MTU value, optional] pppoe.<index>.mru = [the MRU value, optional] pppoe.<index>.add_default_route = [enabled|disabled, default: enabled] pppoe.<index>.use_peer_dns = [enabled|disabled, default:enabled] pppoe.<index>.lcp_echo_failure = [number of LCP echo-requests to be sent without receiving a valid LCP echo-reply to presume the peer to be dead, optional] pppoe.<index>.lcp_echo_interval = [pppd will send an LCP echo-request frame to the peer every n seconds, optional] pppoe.<index>.persist=[enabled(default)|disabled] (!) since 5.21+ pppoe.<index>.holdoff=[time in seconds, optional] (!) since 5.21+ pppoe.<index>.debug = [enabled|disabled, default:disabled]
Routing
route.status = [enabled|disabled] route.ip_forward = [enabled|disabled] route.table.<index>.status = [enabled|disabled] route.table.<index>.id = [table-number] route.table.<index>.name = [table-name] route.rule.<index>.status = [enabled|disabled] route.rule.<index>.ip = [address] route.rule.<index>.netmask = [netmask] route.rule.<index>.table = [number] route.rule.<index>.prio = [number] route.rule.<index>.fwmark = [integer] (!) since 5.23 route.<index>.status = [enabled|disabled] route.<index>.devname = [interface name] route.<index>.gateway = [gateway ip address] route.<index>.ip = [ip address] route.<index>.netmask = [netmask length] route.<index>.table = [number|route-table-name] route.<index>.type = [unicast|local|broadcast|multicast|throw|unreachable|prohibit|blackhole]
Dynamic Routing
zebra.status - enable the Quagga daemon zebra [enabled/disabled]. Default: disabled. --> Since 5.21 ospfd.status - enable the OSPFv2 protocol daemon [enabled/disabled]. Default: disabled. --> Since 5.21 ripd.status - enable the RIP v1 and V2 protocol daemon [enabled/disabled]. Default: disabled. --> Since 5.21 bgpd.status - enable the BGPv4+ protocol daemon [enabled/disabled]. Default: disabled. --> Since 5.22
Physical Radio (Wireless) Devices
radio.status = [enabled|disabled(default)] radio.countrycode = [ISO 3166 country code (default 528 - NL)] radio.outdoor = [0 - indoor (default), 1 - outdoor] radio.xchanmode = [1 - enable extended channel mode (defaul), 0 - disable] radio.<index>.status = [enabled(default)|disabled] radio.<index>.devname = [wireless interface name] radio.<index>.parent = [hardware wireless interface name: wifi0, wifi1] radio.<index>.mode = [operating mode of the device: Ad-Hoc, Managed, Master(default)] radio.<index>.channel = [channel of the device] radio.<index>.turbo = [enabled|disabled(default)] radio.<index>.rate.max = [MAX bit-rate of the device, e.g. "11M"] radio.<index>.rate.auto = [auto rate selection: enabled(default)|disabled] radio.<index>.frag = [fragmentation threshold; e.g. "off"(default), fixed numeric 256-2346] radio.<index>.rts = [RTS threshold; e.g. "off"(default), fixed numeric 0-2347] radio.<index>.txpower = [transmit power in dBm, or off] radio.<index>.ieee_mode = [IEEE mode for radios, auto(default), A, B, G, PUREG, AST] radio.<index>.rx_antenna = [1(default), 2] radio.<index>.rx_antenna_diversity = [enabled(default), disabled] radio.<index>.tx_antenna = [1(default), 2] radio.<index>.tx_antenna_diversity = [enabled(default), disabled] radio.<index>.autochannel.status = [enabled, disabled(default)] radio.<index>.autochannel.<index>.status = [enabled(default), disabled] radio.<index>.autochannel.<index>.channel = [channel] radio.<index>.acktimeout = [ACK timing value, fixed numeric] radio.<index>.ctstimeout = [CTS timing value, fixed numeric] from WILI-S 5.0 radio.<index>.slottime = [Slot time value, fixed numeric] from WILI-S 5.0 radio.<index>.ani = [enabled(default)|disabled] from WILI-S 5.21 radio.<index>.chanattr.<index>.status = [enabled(default), disabled] from WILI-S 5.20 radio.<index>.chanattr.<index>.channel = [channel] from WILI-S 5.20 radio.<index>.chanattr.<index>.bw = [bandwidth for channel: full(default)|half|quarter] from WILI-S 5.20 radio.<index>.chanattr.<index>.freq = [frequency; e.g. 2412] from WILI-S 5.20
RCMS Client
rcms.status = [enabled|disabled] rcms.device.name = [device name] rcms.connection.persistent = [enabled|disabled] rcms.connection.timeout = [number] rcms.multicast.group = [IP multicast group address to listen] rcms.multicast.port = [port] rcms.multicast.devname = [interface name] rcms.path.sysconf = [full path to the sysconf tool] rcms.path.fwupdate = [full path to the fwupdate tool] rcms.heartbeat.url = [URL] rcms.heartbeat.interval = [number of seconds] rcms.heartbeat.optional.<index>.status = [enabled|disabled] rcms.heartbeat.optional.<index>.name = [name of optional XML tag] rcms.heartbeat.optional.<index>.oid = [SNMP OID of value for the optional XML tag] rcms.auth.certificate = [full path to PKCS12 certificate file] rcms.auth.cert_passwd = [password for decoding the PKCS12 file] rcms.auth.cert_uri = [URI to which to issue a GET request to have client certificate sent to server] rcms.auth.identifier = [unique identifier] rcms.statistics.interval = [number of seconds] rcms.heartbeat.network_usage = [enabled|disabled] rcms.heartbeat.mesh_statistics = [enabled|disabled(default)] (!) since 5.20+ rcms.verbose = [enabled|disabled]
SNMP Server
snmpd.status = [enabled|disabled] snmpd.name = [SNMP agent system name] snmpd.location = [SNMP agent system location] snmpd.contact = [SNMP agent system contact] snmpd.rocommunity = [read-only community that can be used to access the agent] snmpd.rouser = [SNMPv3 read-only user name] snmpd.ropassword = [SNMPv3 read-only user password, 8 characters or more] snmpd.traps.status=[enabled(default)|disabled] snmpd.auth.traps=[enabled|disabled(default)] snmpd.trap.community=[community string] snmpd.trapsink.<index>.host=[host IP address for SNMPv1 trap] snmpd.trapsink.<index>.community=[community string] snmpd.trapsink.<index>.port=[port number for SNMPv1 trap] snmpd.trap2sink.<index>.host=[host IP address for SNMPv2 trap] snmpd.trap2sink.<index>.community=[community string] snmpd.trap2sink.<index>.port=[port number for SNMPv2 trap] snmpd.informsink.<index>.host=[host IP address for inform requests] snmpd.informsink.<index>.community=[community string] snmpd.informsink.<index>.port=[port number for inform requests]
Network Usage Statistics
statsd.status = [enabled|disabled(default)] statsd.verbose = [enabled|disabled(default)]
Syslog
syslog.status = [enabled|disabled] syslog.file = [log file name with path] syslog.file.umask = [umask of output file] syslog.file.msg.level = [emerg, alert, crit, err, warning, notice, info, debug] syslog.fwd.status = [enabled|disabled] syslog.fwd.host.ip = [IP] syslog.fwd.host.port = [port] syslog.fwd.msg.level = [level] syslog.fwd.backup.<index>.status = [enabled|disabled] syslog.fwd.backup.<index>.host.ip = [IP] syslog.fwd.backup.<index>.host.port = [port] syslog.rotate.status = [enabled|disabled] syslog.rotate.at.size = [number] syslog.rcms.alarm.status = [enabled|disabled] syslog.rcms.alarm.level = [emerg, alert, crti, err, warning, notice, info]
Trace System
sysconf.trace = [enabled|disabled]
sysctl Plugin
sysctl.status = <enabled|disabled> sysctl.sys.xxx = <value>
Station Supervision
ssd.status = [enabled|disabled] ssd.<index>.status = [enabled|disabled] ssd.<index>.verbose = [enabled|disabled] (default: disabled) ssd.<index>.devname = [interface name] ssd.<index>.check.interval = [check interval. seconds] ssd.<index>.check.count = [check count - how many checks can be unresponded until timeout]
Skins
skin.active = skin name> May be only skin name or full path to skin archive. skin.version = <skin version> #[WILI-MESH skin] specific keys. If these keys are defined, then skin changes MESH role selection between radios. skin.mesh.uplink.status=enabled skin.mesh.uplink.devname = <interface name> skin.mesh.uplink.parent = <interface name> skin.mesh.downlink.status=enabled skin.mesh.downlink.devname = <interface name> skin.mesh.downlink.parent = <interface name> skin.mesh.serviceset.status=enabled skin.mesh.serviceset.devname = <interface name> skin.mesh.serviceset.parent = <interface name>
SSH Server
sshd.status = [enabled|disabled] sshd.port = [port]
GRE Tunnel
tunnel.gre.status = [enabled|disabled] tunnel.gre.<index>.devname = [device name] tunnel.gre.<index>.status = [enabled|disabled] tunnel.gre.<index>.local.ip = [ip address] tunnel.gre.<index>.remote.ip = [ip address] tunnel.gre.<index>.ttl = [0-255] tunnel.gre.<index>.parent = [parent device name] tunnel.gre.<index>.pmtudiscovery = [enabled|disabled]
VTun Tunnel
tunnel.vtun.status = [enabled/disabled]. Default - disabled. (!)since 5.22 and up tunnel.vtun.mode = operating mode [client/server]. Mandatory tunnel.vtun.timetout = [integer]. Default 60. tunnel.vtun.port = Port number to listen(server) or send (client). Default 5000. tunnel.vtun.<index>.passwd = password, string. tunnel.vtun.<index>.proto = [tcp/udp]. Protocol to operate. Client ignores it. Default udp. tunnel.vtun.<index>.compress = [enabled/disabled/zlib/lzo]. In case "enabled" will be used default compressor - zlib. Client ignores it. Default no. tunnel.vtun.<index>.encrypt = [yes|no]. Client ignores it. Default no. tunnel.vtun.<index>.remote.ip = ip address. Real ip of server for client to connect. Mandatory for client. tunnel.vtun.<index>.virtual_local.ip = ip address. Virtual ip of local machine in tunnel. Mandatory. tunnel.vtun.<index>.virtual_remote.ip = ip adress. Virtual ip of remote machine in tunnel. Mandatory. tunnel.vtun.<index>.mtu = maximum transfer unit. Default 1500. tunnel.vtun.<index>.session = name of session. Mandatory.
IP Logging
ulogd.status = [enabled|disabled] ulogd.loglevel = [debug|info|notice(default)|err|crit] (!) since 5.21+
System Users
users.status = [enabled|disabled] users.<index>.status = [enabled|disabled] users.<index>.name = [user name] users.<index>.password = [crypted password string 'as is'] users.<index>.shell = [string - shell executed for the user (i.e. "/bin/sh")], 3.54+ only. users.<index>.uid = [user's unique numeric ID], 3.57 only. users.<index>.gid = [user's group unique numeric ID], 3.57 only.
VLAN
vlan.status = [enabled|disabled] vlan.<index>.status = [enabled|disabled] vlan.<index>.parent = [parent interface name] vlan.<index>.id = [vlan-id, 2-4095] vlan.<index>.priority_in=[auto, manual(default)] vlan.<index>.priority_out=[auto, manual(default)] vlan.<index>.prio_in_map.<index>.vlan_qos=[0..7] vlan.<index>.prio_in_map.<index>.pkt_prio=[0..0x7fffffff] vlan.<index>.prio_out_map.<index>.vlan_qos=[0..7] vlan.<index>.prio_out_map.<index>.pkt_prio=[0..0x7fffffff]
VSSID (Virtuall SSID)
vssid.status = [enabled|disabled] vssid.<index>.status = [enabled|disabled] vssid.<index>.parent = [master_interface] vssid.<index>.devname = [vssid interface name] vssid.<index>.mode = [wireless mode: managed|master]
Wireless ACL
wacl.status = [enabled|disabled] wacl.<index>.status = [enabled(default)| disabled] wacl.<index>.devname = [wireless interface name] wacl.<index>.policy = [open(default)|allow|deny] wacl.<index>.acl.1.status = [enabled(default)|disabled] wacl.<index>.acl.1.mac = [mac address]
Wireless
wireless.status = [enabled|disabled] wireless.<index>.status = [enabled|disabled] wireless.<index>.devname = [wireless interface name] wireless.<index>.security = [wep64 or wep128 or none(default)] wireless.<index>.security.1.key = [restricted security key for the given index; up to 4 keys for a device] wireless.<index>.security.default_key = [default restricted security key index] wireless.<index>.ssid = [the ESSID] wireless.<index>.ssid_broadcast = [enabled(default), disabled] wireless.<index>.l2_isolation = [enabled, disabled(default)] wireless.<index>.security.mode = [restricted(default), open] wireless.<index>.max_clients = [0-2147483647, default is 64] wireless.<index>.authmode = [1|2|4(default); 1 - opensystem, 2 - shared key, 4 - auto] wireless.<index>.country_element = [enabled, disabled(default)] wireless.<index>.power_constrain = [enabled, disabled(default)] wireless.<index>.chanswitch = [enabled, disabled(default)] wireless.<index>.fastframes = [enabled, disabled(default)] wireless.<index>.frameburst = [enabled, disabled(default)] wireless.<index>.compression = [enabled, disabled(default)] wireless.<index>.wmm = [enabled, disabled(default)] wireless.<index>.tos2ac.<index>.status = [enabled(default), disabled] wireless.<index>.tos2ac.<index>.tos = [IP header TOS value, hex format can be used, internaly this value is masked with 0xfc, thus last 2 bits not used] wireless.<index>.tos2ac.<index>.ac = [queue in radio hw to select, values in 1..4, where 4 queue is highest priority.] wireless.<index>.tos2ac.<index>.drop = [drop probability, values in 0-2, 2 highest drop probability if queue getting full] wireless.<index>.ap = [MAC address] wireless.<index>.igmp_snooping = [enabled, disabled(default)]
WDS
wds.status = [enabled|disabled] wds.<index>.status = [enabled|disabled] wds.<index>.parent = [master_interface]
WPA/802.1x Supplicant
wpasupplicant.status = [enabled|disabled] wpasupplicant.wait_for_interface = [enabled|disabled] wpasupplicant.verbose = [0-4] wpasupplicant.keys = [enabled|disabled] wpasupplicant.timestamp = [enabled|disabled] wpasupplicant.device.<index>.status = [enabled|disabled] wpasupplicant.device.<index>.devname = [interface name] wpasupplicant.device.<index>.driver = [driver-name] wpasupplicant.device.<index>.profile = [name] wpasupplicant.profile.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.name = [name] wpasupplicant.profile.<index>.eapol_version - [1 or 2] wpasupplicant.profile.<index>.ap_scan = [enabled|disabled] wpasupplicant.profile.<index>.fast_reauth = [enabled|disabled] wpasupplicant.profile.<index>.blacklist_age = [time in seconds, default 3600s] wpasupplicant.profile.<index>.network.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.ssid = [SSID] wpasupplicant.profile.<index>.network.<index>.ssid.hex = [SSID in hex] wpasupplicant.profile.<index>.network.<index>.scan_ssid = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.bssid = [BSSID] wpasupplicant.profile.<index>.network.<index>.priority = [0-65535] wpasupplicant.profile.<index>.network.<index>.proto.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.proto.<index>.name = [WPA|RSN] wpasupplicant.profile.<index>.network.<index>.key_mgmt.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.key_mgmt.<index>.name = [WPA-PSK|WPA-EAP|IEEE8021X|NONE] wpasupplicant.profile.<index>.network.<index>.auth_alg.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.auth_alg.<index>.name = [OPEN|SHARED|LEAP] wpasupplicant.profile.<index>.network.<index>.pairwise.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.pairwise.<index>.name = [CCMP|TKIP|NONE] wpasupplicant.profile.<index>.network.<index>.group.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.group.<index>.name = [CCMP|TKIP|WEP104|WEP40] wpasupplicant.profile.<index>.network.<index>.psk = [256-bit pre-shared key passphrase] wpasupplicant.profile.<index>.network.<index>.psk.hex = [256-bit pre-shared key in hex] wpasupplicant.profile.<index>.network.<index>.eapol_flags = [0-3] wpasupplicant.profile.<index>.network.<index>.eap.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.eap.<index>.name = [MD5|MSCHAPV2|OTP|GTC|TLS|PEAP|TTLS] wpasupplicant.profile.<index>.network.<index>.wep_key0 = [static WEP key 0: ASCII passphrase] wpasupplicant.profile.<index>.network.<index>.wep_key0.hex = [static WEP key 0: 40-bit or 104-bit static key in hex] wpasupplicant.profile.<index>.network.<index>.wep_key1 = [static WEP key 1: ASCII passphrase] wpasupplicant.profile.<index>.network.<index>.wep_key1.hex = [static WEP key 1: 40-bit or 104-bit static key in hex] wpasupplicant.profile.<index>.network.<index>.wep_key2 = [static WEP key 2: ASCII passphrase] wpasupplicant.profile.<index>.network.<index>.wep_key2.hex = [static WEP key 2: 40-bit or 104-bit static key in hex] wpasupplicant.profile.<index>.network.<index>.wep_key3 = [static WEP key 3: ASCII passphrase] wpasupplicant.profile.<index>.network.<index>.wep_key3.hex = [static WEP key 3: 40-bit or 104-bit static key in hex] wpasupplicant.profile.<index>.network.<index>.wep_tx_keyidx = [static WEP key index(0-3). Default: 0] wpasupplicant.profile.<index>.network.<index>.identity = [Identity string for EAP] wpasupplicant.profile.<index>.network.<index>.anonymous_identity = [Anonymous identity string for EAP] wpasupplicant.profile.<index>.network.<index>.password = [Password string for EAP] wpasupplicant.profile.<index>.network.<index>.pin - [SIM pin code] wpasupplicant.profile.<index>.network.<index>.pcsc - [PCSC string, used for SIM auth. default to empty string if PIN is specified] wpasupplicant.profile.<index>.network.<index>.eappsk.hex = [32 hex digits (16-byte, 128-bit) EAP pre-shared key in hex format] wpasupplicant.profile.<index>.network.<index>.nai = [user NAI(The Network Access Identifier, RFC 2486)] wpasupplicant.profile.<index>.network.<index>.server_nai = [authentication server NAI(The Network Access Identifier, RFC 2486)] wpasupplicant.profile.<index>.network.<index>.ca_cert = [path to CA certificate file] wpasupplicant.profile.<index>.network.<index>.client_cert = [path to client certificate file (PEM/DER)] wpasupplicant.profile.<index>.network.<index>.private_key = [path to client private key file (PEM/DER/PFX)] wpasupplicant.profile.<index>.network.<index>.private_key_passwd = [Password for private key file] wpasupplicant.profile.<index>.network.<index>.dh_file = [path to DH/DSA parameters file (in PEM format)] wpasupplicant.profile.<index>.network.<index>.subject_match = [substring] wpasupplicant.profile.<index>.network.<index>.phase1.peapver = [0|1] wpasupplicant.profile.<index>.network.<index>.phase1.peaplabel = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.phase1.peap_outer_success = [0-2] wpasupplicant.profile.<index>.network.<index>.phase1.sim_min_num_chal = [2,3] wpasupplicant.profile.<index>.network.<index>.phase2.auth = [MSCHAPV2|MSCHAP|PAP|CHAP] wpasupplicant.profile.<index>.network.<index>.phase2.autheap.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.phase2.autheap.<index>.name = [MD5|TLS|MSCHAPV2|GTC|OTP|SIM|LEAP|PSK|AKA] wpasupplicant.profile.<index>.network.<index>.phase2.authpeap.<index>.status = [enabled|disabled] wpasupplicant.profile.<index>.network.<index>.phase2.authpeap.<index>.name = [MD5|TLS|MSCHAPV2|GTC|OTP|SIM|LEAP|PSK|AKA] wpasupplicant.profile.<index>.network.<index>.ca_cert2 = [path to CA certificate file] wpasupplicant.profile.<index>.network.<index>.client_cert2 = [path to client certificate file] wpasupplicant.profile.<index>.network.<index>.private_key2 = [path to client private key file] wpasupplicant.profile.<index>.network.<index>.private_key2_passwd = [password for private_key2 file] wpasupplicant.profile.<index>.network.<index>.dh_file2 = [path to DH/DSA parameters file (in PEM format)] wpasupplicant.profile.<index>.network.<index>.subject_match2 = [substring]
