RdpGuard Command Line Interface
Starting from version 9.7.1, RdpGuard has a command line interface (CLI) that allows you to manage
all RdpGuard settings from the command line.
To start the CLI, open a command prompt and run the following command:
cd %programfiles(x86)%\RdpGuard
rdpguard-cli
The following output will be displayed:
Usage:
rdpguard-cli /<object> <command> [parameters]
Available objects:
options
blocking
ipcloud
geoip
ui
proxy
log
whitelist
blacklist
ip
diagnostics
license
smtp-servers
custom-actions
pcap
rdp
ftp
http
imap
pop3
smtp
mysql
mssql
sip
webforms
rdweb
msvpn
To get detailed help for an each object please use:
rdpguard-cli /<object>
Options Object
The options object allows you to manage RdpGuard settings.
To get detailed help for the options object, run the following command:
rdpguard-cli /options
The following output will be displayed:
Available commands:
new-version-check
To get detailed help for an each command please use:
rdpguard-cli /options <command>
new-version-check
The new-version-check command allows you to enable or disable automatic new version check.
To get detailed help for the new-version-check command, run the following command:
rdpguard-cli /options new-version-check
The following output will be displayed:
To set the new version check:
rdpguard-cli /options new-version-check set <on|off>
<on|off> - on to enable new version check and off otherwise
To get the new version check:
rdpguard-cli /options new-version-check get
For example, to enable new version check, run the following command:
rdpguard-cli /options new-version-check set on
Blocking Object
The blocking object allows you to manage IP blocking settings.
To get detailed help for the blocking object, run the following command:
rdpguard-cli /blocking
The following output will be displayed:
Available commands:
max-failed-logins
failed-logins-ttl
duration
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /blocking <command>
max-failed-logins
The max-failed-logins command allows you to set the maximum number of failed login attempts per IP address.
To get detailed help for the max-failed-logins command, run the following command:
rdpguard-cli /blocking max-failed-logins
The following output will be displayed:
To set the max failed login attempts per IP address:
rdpguard-cli /blocking max-failed-logins set <attempts>
<attempts> - the number of faied login attempts allowed
To get the max failed login attempts:
rdpguard-cli /blocking max-failed-logins get
For example, to set the maximum number of failed login attempts per IP address to 5, run the following command:
rdpguard-cli /blocking max-failed-logins set 5
failed-logins-ttl
The failed-logins-ttl command allows you to set the time period during which failed login attempts information is stored.
To get detailed help for the failed-logins-ttl command, run the following command:
rdpguard-cli /blocking failed-logins-ttl
The following output will be displayed:
To set how long failed login attempts information stored:
rdpguard-cli /blocking failed-logins-ttl set <hours>
<hours> - the number of hours information stored
To get how long failed login attempts information stored:
rdpguard-cli /blocking failed-logins-ttl get
For example, to set the time period during which failed login attempts information is stored to 24 hours, run the following command:
rdpguard-cli /blocking failed-logins-ttl set 24
duration
The duration command allows you to set the time period during which an IP address remains blocked.
To get detailed help for the duration command, run the following command:
rdpguard-cli /blocking duration
The following output will be displayed:
To set how long IP address remains blocked:
rdpguard-cli /blocking duration set <hours>
<hours> - the number of hours IP address remains blocked
To get how long IP address remains blocked:
rdpguard-cli /blocking duration get
For example, to set the time period during which an IP address remains blocked to 24 hours, run the following command:
rdpguard-cli /blocking duration set 24
ports
The ports command allows you to set the ports that are denied for blocked IP addresses.
To get detailed help for the ports command, run the following command:
rdpguard-cli /blocking ports
The following output will be displayed:
To set which ports are denied for blocked IP:
rdpguard-cli /blocking ports set <ports>
<ports> - comma separated list of ports, * mean all ports (recommended)
To get which ports are denied for blocked IP:
rdpguard-cli /blocking ports get
All IP addresses are unblocked if you change this option
For example, to set all ports as denied for blocked IP addresses, run the following command:
rdpguard-cli /blocking ports set *
Please note that all IP addresses are unblocked if you change this option.
get
The get command allows you to get the current blocking settings.
To get all blocking settings, run the following command:
rdpguard-cli /blocking get
The following output will be displayed:
max-failed-logins: 3
failed-logins-ttl: 24
duration : 24
ports : *
set
The set command allows you to set multiple blocking settings at once.
To set multiple blocking settings at once, run the following command:
rdpguard-cli /blocking set <setting=value>,<setting=value>,...
For example, to set the maximum number of failed login attempts per IP address to 5
and the ports that are denied for blocked IP addresses to all ports, run the following command:
rdpguard-cli /blocking set max-failed-logins=5,ports=*
Please note that setting=value pairs are separated by comma and there are no spaces between them.
IP Cloud Object
The ipcloud object allows you to manage IP Cloud settings.
To get detailed help for the ipcloud object, run the following command:
rdpguard-cli /ipcloud
The following output will be displayed:
Available commands:
enabled
To get detailed help for an each command please use:
rdpguard-cli /ipcloud <command>
enabled
The enabled command allows you to enable or disable IP Cloud.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /ipcloud enabled
The following output will be displayed:
To set the IP Cloud enabled status:
rdpguard-cli /ipcloud enabled set <on|off>
<on|off> - on to enable IP Cloud and off otherwise
To get the IP Cloud enabled status:
rdpguard-cli /ipcloud enabled get
For example, to enable IP Cloud, run the following command:
rdpguard-cli /ipcloud enabled set on
GeoIP Object
The geoip object allows you to manage Geo-IP settings.
To get detailed help for the geoip object, run the following command:
rdpguard-cli /geoip
The following output will be displayed:
Available commands:
enabled
mode
db-version
countries
dry-run
allow-loopback
allow-local
exclude-vpn-and-tor
exclude-datacenters
get
set
To get detailed help for an each command please use:
rdpguard-cli /geoip <command>
enabled
The enabled command allows you to enable or disable Geo-IP.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /geoip enabled
The following output will be displayed:
To set the Geo-IP enabled status:
rdpguard-cli /geoip enabled set <on|off>
<on|off> - on to enable Geo-IP and off otherwise
To get the Geo-IP enabled status:
rdpguard-cli /geoip enabled get
For example, to enable Geo-IP, run the following command:
rdpguard-cli /geoip enabled set on
mode
The mode command allows you to set the Geo-IP mode.
To get detailed help for the mode command, run the following command:
rdpguard-cli /geoip mode
The following output will be displayed:
To set the Geo-IP mode:
rdpguard-cli /geoip mode set <mode>
<mode> - the Geo-IP mode:
deny - deny specific countries (all others are allowed)
allow - allow specific countries (all others are denied)
To get the Geo-IP mode:
rdpguard-cli /geoip mode get
For example, to set the Geo-IP mode to block, run the following command:
rdpguard-cli /geoip mode set block
db-version
The db-version command allows you to set the Geo-IP database version.
To get detailed help for the db-version command, run the following command:
rdpguard-cli /geoip db-version
The following output will be displayed:
To set the Geo-IP database version:
rdpguard-cli /geoip db-version set <db-version>
<db-version> - the Geo-IP database version:
lite - fewer entries, lower impact on OS performance, less accurate
max - more entries, higher impact on OS performance, more accurate
To get the Geo-IP database version:
rdpguard-cli /geoip db-version get
For example, to set the Geo-IP database version to max, run the following command:
rdpguard-cli /geoip db-version set max
countries
The countries command allows you to set the Geo-IP countries.
To get detailed help for the countries command, run the following command:
rdpguard-cli /geoip countries
The following output will be displayed:
To set the Geo-IP countries:
rdpguard-cli /geoip countries set <country-codes>
<country-codes> - comma-separated list of country codes
To get the Geo-IP countries:
rdpguard-cli /geoip countries get
For example, to set the Geo-IP countries to US, run the following command:
rdpguard-cli /geoip countries set us
dry-run
The dry-run command allows you to enable or disable Geo-IP Test Mode.
To get detailed help for the dry-run command, run the following command:
rdpguard-cli /geoip dry-run
The following output will be displayed:
To set the Geo-IP Test Mode flag:
rdpguard-cli /geoip dry-run set <on|off>
<on|off> - on to enable Test Mode and off otherwise
To get the Geo-IP Test Mode flag:
rdpguard-cli /geoip dry-run get
For example, to enable Geo-IP Test Mode, run the following command:
rdpguard-cli /geoip dry-run set on
allow-loopback
The allow-loopback command allows you to enable or disable Geo-IP Allow Loopback flag.
To get detailed help for the allow-loopback command, run the following command:
rdpguard-cli /geoip allow-loopback
The following output will be displayed:
To set the Geo-IP Allow Loopback flag:
rdpguard-cli /geoip allow-loopback set <on|off>
<on|off> - on to allow loopback connections and off otherwise
To get the Geo-IP Allow Loopback flag:
rdpguard-cli /geoip allow-loopback get
For example, to enable Geo-IP Allow Loopback flag, run the following command:
rdpguard-cli /geoip allow-loopback set on
allow-local
The allow-local command allows you to enable or disable Geo-IP Allow Local flag.
To get detailed help for the allow-local command, run the following command:
rdpguard-cli /geoip allow-local
The following output will be displayed:
To set the Geo-IP Allow Local flag:
rdpguard-cli /geoip allow-local set <on|off>
<on|off> - on to allow local connections and off otherwise
To get the Geo-IP Allow Local flag:
rdpguard-cli /geoip allow-local get
For example, to enable Geo-IP Allow Local flag, run the following command:
rdpguard-cli /geoip allow-local set on
exclude-vpn-and-tor
The exclude-vpn-and-tor command allows you to enable or disable Geo-IP Exclude VPN and Tor flag.
To get detailed help for the geoip-exclude-vpn-and-tor command, run the following command:
rdpguard-cli /geoip geoip-exclude-vpn-and-tor
The following output will be displayed:
To set the Geo-IP Exclude VPN and Tor flag:
rdpguard-cli /geoip geoip-exclude-vpn-and-tor set <on|off>
<on|off> - on to exclude known VPN networks and Tor exit nodes from the allowed IPs
To get the Geo-IP Exclude VPN and Tor flag:
rdpguard-cli /geoip geoip-exclude-vpn-and-tor get
For example, to enable Geo-IP Exclude VPN and Tor flag, run the following command:
rdpguard-cli /geoip geoip-exclude-vpn-and-tor set on
The exclude-datacenters command allows you to enable or disable Geo-IP Exclude Datacenters flag.
To get detailed help for the exclude-datacenters command, run the following command:
rdpguard-cli /geoip exclude-datacenters
The following output will be displayed:
To set the Geo-IP Exclude Datacenters flag:
rdpguard-cli /geoip exclude-datacenters set <on|off>
<on|off> - on to exclude known datacenters from the allowed IPs
To get the Geo-IP Exclude Datacenters flag:
rdpguard-cli /geoip exclude-datacenters get
For example, to enable Geo-IP Exclude Datacenters flag, run the following command:
rdpguard-cli /geoip exclude-datacenters set on
get
The get command allows you to get the current Geo-IP settings.
To get all Geo-IP settings, run the following command:
rdpguard-cli /geoip get
The following output will be displayed:
enabled : on
mode : allow
db-version : max
countries : us
dry-run : off
allow-loopback : on
allow-local : on
exclude-vpn-and-tor: off
exclude-datacenters: off
set
The set command allows you to set multiple Geo-IP settings at once.
To set multiple Geo-IP settings at once, run the following command:
rdpguard-cli /geoip set <setting=value>,<setting=value>,...
For example, to set the Geo-IP mode to block and the Geo-IP countries to XX, run the following command:
rdpguard-cli /geoip set mode=block,countries=xx
Please note that setting=value pairs are separated by comma and there are no spaces between them.
UI Object
The ui object allows you to manage RdpGuard UI settings.
To get detailed help for the ui object, run the following command:
rdpguard-cli /ui
The following output will be displayed:
Available commands:
icon-in-tray
minimize-to-tray
close-to-tray
status-bar
event-log
entries-per-page
color-theme
get
set
To get detailed help for an each command please use:
rdpguard-cli /ui <command>
icon-in-tray
The icon-in-tray command allows you to set the icon in system tray status.
To get detailed help for the icon-in-tray command, run the following command:
rdpguard-cli /ui icon-in-tray
The following output will be displayed:
To set the icon in system tray status:
rdpguard-cli /ui icon-in-tray set <on|off>
<on|off> - on to show icon in system tray and off otherwise
To get the icon in system tray status:
rdpguard-cli /ui icon-in-tray get
For example, to set the icon in system tray status to on, run the following command:
rdpguard-cli /ui icon-in-tray set on
minimize-to-tray
The minimize-to-tray command allows you to set the minimize to system tray status.
To get detailed help for the minimize-to-tray command, run the following command:
rdpguard-cli /ui minimize-to-tray
The following output will be displayed:
To set the minimize to system tray status:
rdpguard-cli /ui minimize-to-tray set <on|off>
<on|off> - on to minimize to system tray and off otherwise
To get the minimize to system tray status:
rdpguard-cli /ui minimize-to-tray get
For example, to set the minimize to system tray status to on, run the following command:
rdpguard-cli /ui minimize-to-tray set on
close-to-tray
The close-to-tray command allows you to set the close to system tray status.
To get detailed help for the close-to-tray command, run the following command:
rdpguard-cli /ui close-to-tray
The following output will be displayed:
To set the close to system tray status:
rdpguard-cli /ui close-to-tray set <on|off>
<on|off> - on to close to system tray and off otherwise
To get the close to system tray status:
rdpguard-cli /ui close-to-tray get
For example, to set the close to system tray status to on, run the following command:
rdpguard-cli /ui close-to-tray set on
status-bar
The status-bar command allows you to set the show status bar status.
To get detailed help for the status-bar command, run the following command:
rdpguard-cli /ui status-bar
The following output will be displayed:
To set the show status bar status:
rdpguard-cli /ui status-bar set <on|off>
<on|off> - on to show status bar and off otherwise
To get the show status bar status:
rdpguard-cli /ui status-bar get
For example, to set the show status bar status to on, run the following command:
rdpguard-cli /ui status-bar set on
event-log
The event-log command allows you to set the show event log status.
To get detailed help for the event-log command, run the following command:
rdpguard-cli /ui event-log
The following output will be displayed:
To set the show event log status:
rdpguard-cli /ui event-log set <on|off>
<on|off> - on to show event log and off otherwise
To get the show event log status:
rdpguard-cli /ui event-log get
For example, to set the show event log status to on, run the following command:
rdpguard-cli /ui event-log set on
entries-per-page
The entries-per-page command allows you to set the IP addresses per page.
To get detailed help for the entries-per-page command, run the following command:
rdpguard-cli /ui entries-per-page
The following output will be displayed:
To set the IP addresses per page:
rdpguard-cli /ui entries-per-page set <count>
<count> - number of IP addresses per page
To get the IP addresses per page:
rdpguard-cli /ui entries-per-page get
For example, to set the IP addresses per page to 100, run the following command:
rdpguard-cli /ui entries-per-page set 100
color-theme
The color-theme command allows you to set the color theme.
To get detailed help for the color-theme command, run the following command:
rdpguard-cli /ui color-theme
The following output will be displayed:
To set color theme:
rdpguard-cli /ui color-theme set <theme>
<theme> - the color theme to use: light, dark, system
To get color theme:
rdpguard-cli /ui color-theme get
For example, to set the color theme to dark, run the following command:
rdpguard-cli /ui color-theme set dark
get
The get command allows you to get the current UI settings.
To get all UI settings, run the following command:
rdpguard-cli /ui get
The following output will be displayed:
icon-in-tray : on
minimize-to-tray : off
close-to-tray : off
status-bar : on
event-log : on
entries-per-page : 100
color-theme : System
set
The set command allows you to set multiple UI settings at once.
To set multiple UI settings at once, run the following command:
rdpguard-cli /ui set <setting=value>,<setting=value>,...
For example, to set the icon in system tray status to on and the show status bar status to off, run the following command:
rdpguard-cli /ui set icon-in-tray=on,status-bar=off
Please note that setting=value pairs are separated by comma and there are no spaces between them.
Proxy Object
The proxy object allows you to manage Proxy settings.
To get detailed help for the proxy object, run the following command:
rdpguard-cli /proxy
The following output will be displayed:
Available commands:
mode
address
port
authentication
username
password
domain
get
set
To get detailed help for an each command please use:
rdpguard-cli /proxy <command>
mode
The mode command allows you to set the proxy mode.
To get detailed help for the mode command, run the following command:
rdpguard-cli /proxy mode
The following output will be displayed:
To set the proxy mode:
rdpguard-cli /proxy mode set disabled|auto|manual
disabled - disable proxy
auto - use system proxy settings
manual - use manual proxy settings
To get the proxy mode:
rdpguard-cli /proxy mode get
For example, to set the proxy mode to manual, run the following command:
rdpguard-cli /proxy mode set manual
address
The address command allows you to set the proxy address.
To get detailed help for the address command, run the following command:
rdpguard-cli /proxy address
The following output will be displayed:
To set the proxy address:
rdpguard-cli /proxy address set <address>
<address> - the proxy address
To get the proxy address:
rdpguard-cli /proxy address get
For example, to set the proxy address to 192.168.2.200, run the following command:
rdpguard-cli /proxy address set 192.168.2.200
port
The port command allows you to set the proxy port.
To get detailed help for the port command, run the following command:
rdpguard-cli /proxy port
The following output will be displayed:
To set the proxy port:
rdpguard-cli /proxy port set <port>
<port> - the proxy port
To get the proxy port:
rdpguard-cli /proxy port get
For example, to set the proxy port to 8080, run the following command:
rdpguard-cli /proxy port set 8080
authentication
The authentication command allows you to set the proxy authentication.
To get detailed help for the authentication command, run the following command:
rdpguard-cli /proxy authentication
The following output will be displayed:
To set the proxy authentication:
rdpguard-cli /proxy authentication set <on|off>
<on|off> - on to enable proxy authentication and off otherwise
To get the proxy authentication:
rdpguard-cli /proxy authentication get
For example, to enable proxy authentication, run the following command:
rdpguard-cli /proxy authentication set on
username
The username command allows you to set the proxy username.
To get detailed help for the username command, run the following command:
rdpguard-cli /proxy username
The following output will be displayed:
To set the proxy username:
rdpguard-cli /proxy username set <username>
<username> - the proxy username
To get the proxy username:
rdpguard-cli /proxy username get
For example, to set the proxy username to user1, run the following command:
rdpguard-cli /proxy username set user1
password
The password command allows you to set the proxy password.
To get detailed help for the password command, run the following command:
rdpguard-cli /proxy password
The following output will be displayed:
To set the proxy password:
rdpguard-cli /proxy password set <password>
<password> - the proxy password
To get the proxy password:
rdpguard-cli /proxy password get
For example, to set the proxy password to uK&8pNUKK%QW$ih!f94n, run the following command:
rdpguard-cli /proxy password set "uK&8pNUKK%QW$ih!f94n"
Please note that the password should be enclosed in double quotes as it may contain special characters.
domain
The domain command allows you to set the proxy domain.
To get detailed help for the domain command, run the following command:
rdpguard-cli /proxy domain
The following output will be displayed:
To set the proxy domain:
rdpguard-cli /proxy domain set <domain>
<domain> - the proxy domain
To get the proxy domain:
rdpguard-cli /proxy domain get
For example, to set the proxy domain to domain1, run the following command:
rdpguard-cli /proxy domain set domain1
get
The get command allows you to get the current Proxy settings.
To get all Proxy settings, run the following command:
rdpguard-cli /proxy get
The following output will be displayed:
mode : disabled
address : 192.168.2.200
port : 8080
authentication: on
username : user1
password : uK&8pNUKK%QW$ih!f94n
domain :
set
The set command allows you to set multiple Proxy settings at once.
To set multiple Proxy settings at once, run the following command:
rdpguard-cli /proxy set <setting=value>,<setting=value>,...
For example, to set the proxy mode to manual and the proxy address to 192.168.3.100 run the following command:
rdpguard-cli /proxy set mode=manual,address=192.168.3.100
Please note that setting=value pairs are separated by comma and there are no spaces between them.
Log Object
The log object allows you to manage RdpGuard log settings.
To get detailed help for the log object, run the following command:
rdpguard-cli /log
The following output will be displayed:
Available commands:
verbosity
save-to-file
get
set
To get detailed help for an each command please use:
rdpguard-cli /log <command>
verbosity
The verbosity command allows you to set the log verbosity level.
To get detailed help for the verbosity command, run the following command:
rdpguard-cli /log verbosity
The following output will be displayed:
To set the log verbosity level:
rdpguard-cli /log verbosity set <verbosity>
<verbosity> - log verbosity level - verbose, brief, warningsanderrors
To get the log verbosity level:
rdpguard-cli /log verbosity get
For example, to set the log verbosity level to brief, run the following command:
rdpguard-cli /log verbosity set brief
save-to-file
The save-to-file command allows you to set the save log to file flag.
To get detailed help for the save-to-file command, run the following command:
rdpguard-cli /log save-to-file
The following output will be displayed:
To set the save log to file flag:
rdpguard-cli /log save-to-file set <on|off>
<on|off> - on to save log to file and off otherwise
To get the save log to file flag:
rdpguard-cli /log save-to-file get
For example, to enable save log to file flag, run the following command:
rdpguard-cli /log save-to-file set on
get
The get command allows you to get the current log settings.
To get all log settings, run the following command:
rdpguard-cli /log get
The following output will be displayed:
verbosity : brief
save-to-file : on
set
The set command allows you to set multiple log settings at once.
To set multiple log settings at once, run the following command:
rdpguard-cli /log set <setting=value>,<setting=value>,...
For example, to set the log verbosity level to verbose and the save log to file flag to off, run the following command:
rdpguard-cli /log set verbosity=verbose,save-to-file=off
Please note that setting=value pairs are separated by comma and there are no spaces between them.
Whitelist Object
The whitelist object allows you to manage RdpGuard Whitelist.
To get detailed help for the whitelist object, run the following command:
rdpguard-cli /whitelist
The following output will be displayed:
Available commands:
show
add
delete
import
export
To get detailed help for an each command please use:
rdpguard-cli /whitelist <command>
show
The show command allows you to show the Whitelist entries.
To get the Whitelist entries, run the following command:
rdpguard-cli /whitelist show
For example, the following output will be displayed:
IP Comment
192.168.0.0-192.168.0.255 local subnet
add
The add command allows you to add new Whitelist entries.
To get detailed help for the add command, run the following command:
rdpguard-cli /whitelist add
The following output will be displayed:
To add new entries:
rdpguard-cli /whitelist add <entries> [comment]
<entries> - IP address, range, or CIDR. Use comma to add multiple entries.
[comment] - an optional commen regarding the entry.
For example, to add the 192.168.0.0/24 subnet to the Whitelist with the comment "local subnet", run the following command:
rdpguard-cli /whitelist add 192.168.0.0/24 "local subnet"
delete
The delete command allows you to delete Whitelist entries.
To get detailed help for the delete command, run the following command:
rdpguard-cli /whitelist delete
The following output will be displayed:
To delete entries:
rdpguard-cli /whitelist delete <entries>
<entries> - IP address, range, or CIDR. Use comma to delete multiple entries.
For example, to delete the 1.2.3.4 IP address from the Whitelist, run the following command:
rdpguard-cli /whitelist delete 1.2.3.4
import
The import command allows you to import Whitelist entries.
To get detailed help for the import command, run the following command:
rdpguard-cli /whitelist import
The following output will be displayed:
To import entries:
rdpguard-cli /whitelist import <format> <file>
<format> - the format to import the entries from: json, xml, csv.
<file> - the file to import the entries from.
Please note that the existing entries will be replaced with the imported entries..
For example, to import the Whitelist entries from the whitelist.json file, run the following command:
rdpguard-cli /whitelist import json whitelist.json
export
The export command allows you to export Whitelist entries.
To get detailed help for the export command, run the following command:
rdpguard-cli /whitelist export
The following output will be displayed:
To export entries:
rdpguard-cli /whitelist export <format> <file>
<format> - the format to export the entries to: json, xml, csv.
<file> - the file to export the entries to.
For example, to export the Whitelist entries to the whitelist.json file, run the following command:
rdpguard-cli /whitelist export json whitelist.json
Blacklist Object
The blacklist object allows you to manage RdpGuard Blacklist.
To get detailed help for the blacklist object, run the following command:
rdpguard-cli /blacklist
The following output will be displayed:
Available commands:
show
add
delete
import
export
To get detailed help for an each command please use:
rdpguard-cli /blacklist <command>
show
The show command allows you to show the Blacklist entries.
To get the Blacklist entries, run the following command:
rdpguard-cli /blacklist show
For example, the following output will be displayed:
IP Comment
1.2.3.0-1.2.3.255 test subnet
add
The add command allows you to add new Blacklist entries.
To get detailed help for the add command, run the following command:
rdpguard-cli /blacklist add
The following output will be displayed:
To add new entries:
rdpguard-cli /blacklist add <entries> [comment]
<entries> - IP address, range, or CIDR. Use comma to add multiple entries.
[comment] - an optional commen regarding the entry.
For example, to add the 1.2.3.0/24 subnet to the Blacklist with the comment "test subnet", run the following command:
rdpguard-cli /blacklist add 1.2.3.0/24 "test subnet"
delete
The delete command allows you to delete Blacklist entries.
To get detailed help for the delete command, run the following command:
rdpguard-cli /blacklist delete
The following output will be displayed:
To delete entries:
rdpguard-cli /blacklist delete <entries>
<entries> - IP address, range, or CIDR. Use comma to delete multiple entries.
For example, to delete the 1.2.3.4 IP address from the Blacklist, run the following command:
rdpguard-cli /blacklist delete 1.2.3.4
import
The import command allows you to import Blacklist entries.
To get detailed help for the import command, run the following command:
rdpguard-cli /blacklist import
The following output will be displayed:
To import entries:
rdpguard-cli /blacklist import <format> <file>
<format> - the format to import the entries from: json, xml, csv.
<file> - the file to import the entries from.
For example, to import the Blacklist entries from the blacklist.json file, run the following command:
rdpguard-cli /blacklist import json blacklist.json
export
The export command allows you to export Blacklist entries.
To get detailed help for the export command, run the following command:
rdpguard-cli /blacklist export
The following output will be displayed:
To export entries:
rdpguard-cli /blacklist export <format> <file>
<format> - the format to export the entries to: json, xml, csv.
<file> - the file to export the entries to.
For example, to export the Blacklist entries to the blacklist.json file, run the following command:
rdpguard-cli /blacklist export json blacklist.json
IP Object
The ip object allows you to manage blocked IP addresses.
To get detailed help for the ip object, run the following command:
rdpguard-cli /ip
The following output will be displayed:
Available commands:
show
report
block
unblock
export
To get detailed help for an each command please use:
rdpguard-cli /ip <command>
show
The show command shows the blocked IP addresses.
To get the blocked IP addresses, run the following command:
rdpguard-cli /ip show
For example, the following output will be displayed:
2 blocked IP addresses found
[Address] [Block Date] [Unblock Date] [Protocol] [User]
1.2.3.4 6/5/2024 4:33:06 PM 6/6/2024 4:33:06 PM Test [Unknown]
5.6.7.8 6/5/2024 4:22:18 PM 6/6/2024 4:22:18 PM Test [Unknown]
report
The report command allows you to report one or more IP addresses.
To get detailed help for the report command, run the following command:
rdpguard-cli /ip report
The following output will be displayed:
To report an IP address:
rdpguard-cli /ip report <ip> <protocol> [user]
<ip> - IP address to report (comma separated addresses allowed)
<protocol> - protocol
[user] - optional user name
For example, to report the 10.11.12.13 IP address with the RDP protocol and the user name "testuser", run the following command:
rdpguard-cli /ip report 10.11.12.13 RDP testuser
block
The block command allows you to block one or more IP addresses.
To get detailed help for the block command, run the following command:
rdpguard-cli /ip block
The following output will be displayed:
To block an IP address:
rdpguard-cli /ip block <ip> <protocol> [user]
<ip> - IP address to block (comma separated addresses allowed)
<protocol> - protocol
[user] - optional user name
For example, to block the 10.10.10.10 IP address with the RDP protocol and the user name "testuser", run the following command:
rdpguard-cli /ip block 10.10.10.10 RDP testuser
unblock
The unblock command allows you to unblock one or more IP addresses.
To get detailed help for the unblock command, run the following command:
rdpguard-cli /ip unblock
The following output will be displayed:
To unblock an IP address:
rdpguard-cli /ip unblock <ip>
<ip> - IP address to unblock (comma separated addresses allowed),
use * to unblock all IP addresses
For example, to unblock the 10.10.10.10 IP address, run the following command:
rdpguard-cli /ip unblock 10.10.10.10
export
The export command allows you to export blocked IP addresses.
To get detailed help for the export command, run the following command:
rdpguard-cli /ip export
The following output will be displayed:
To export entries:
rdpguard-cli /ip export <format> <file>
<format> - the format to export the entries to: json, xml, csv.
<file> - the file to export the entries to.
For example, to export the blocked IP addresses to the blocked_ips.json file, run the following command:
rdpguard-cli /ip export json blocked_ips.json
Diagnostics Object
The diagnostics object allows you to get diagnostic information and send it to the RdpGuard support team.
To get detailed help for the diagnostics object, run the following command:
rdpguard-cli /diagnostics
The following output will be displayed:
Available commands:
get
send
version
To get detailed help for an each command please use:
rdpguard-cli /diagnostics <command>
get
The get command allows you to get diagnostic information.
To get diagnostic information, run the following command:
rdpguard-cli /diagnostics get
For example, the following output will be displayed:
System Information:
OS: Microsoft Windows 10 Pro (6.2.9200,,x64)
Framework Version: 4.0.30319.42000
Process Information:
BasePriority: 8
HasExited: False
Handle: 1036
HandleCount: 593
Id: 20456
MachineName: .
MainWindowHandle: 0
MainModule: rdpguard-svc.exe (9.6.8)
<skipped..>
The send command allows you to send diagnostic information to the RdpGuard support team.
To get detailed help for the send command, run the following command:
rdpguard-cli /diagnostics send
The following output will be displayed:
To send diagnostic report:
rdpguard-cli /diagnostics send <name> <email> <comment>
<name> - your name
<email> - your email address
<comment> - your comment
version
The version command allows you to get the RdpGuard version.
To get the RdpGuard version, run the following command:
rdpguard-cli /diagnostics version
For example, the following output will be displayed:
9.6.8
License Object
The license object allows you to manage RdpGuard license.
To get detailed help for the license object, run the following command:
rdpguard-cli /license
The following output will be displayed:
Available commands:
show
activate
deactivate
hwid
id
maintenance
To get detailed help for an each command please use:
rdgpguard-cli /license <command>
show
The show command allows you to show the license information.
To get the license information, run the following command:
rdpguard-cli /license show
For example, the following output will be displayed:
Registered version
Maintenance: 35 days remain
activate
The activate command allows you to activate your license key.
To get detailed help for the activate command, run the following command:
rdpguard-cli /license activate
The following output will be displayed:
To activate your license key:
rdgpguard-cli /license activate <license>
<license> - your license key (activation key)
For example, to activate your license key AAAA-BBBB-CCCC-DDDD-EEEE, run the following command:
rdpguard-cli /license activate AAAA-BBBB-CCCC-DDDD-EEEE
deactivate
The deactivate command allows you to deactivate your license key.
To get detailed help for the deactivate command, run the following command:
rdpguard-cli /license deactivate
The following output will be displayed:
Please wait, connecting activation server..
Your license has been successfully deactivated.
hwid
The hwid command allows you to get the hardware ID.
To get the hardware ID, run the following command:
rdpguard-cli /license hwid
For example, the following output will be displayed:
7c46f5ab67c86a44bf028aa31d608d66
id
The id command allows you to get the license ID.
To get the license ID, run the following command:
rdpguard-cli /license id
For example, the following output will be displayed:
45d077a221dcfcae9df52941d92c7048
maintenance
The maintenance command allows you to get the maintenance days.
To get the maintenance days, run the following command:
rdpguard-cli /license maintenance
For example, the following output will be displayed:
35
SMTP Servers Object
The smtp-servers object allows you to manage SMTP servers.
Smtp servers are used to send email notifications in Custom Actions
To get detailed help for the smtp-servers object, run the following command:
rdpguard-cli /smtp-servers
The following output will be displayed:
Available commands:
show
add
edit
delete
import
export
To get detailed help for an each command please use:
rdpguard-cli /smtp-servers <command>
show
The show command allows you to show the SMTP servers.
To get detailed help for the show command, run the following command:
rdpguard-cli /smtp-servers show
The following output will be displayed:
To show smtp servers:
rdpguard-cli /smtp-servers show <id>
<id> - smtp server id (* to show all)
For example, to show all SMTP servers, run the following command:
rdpguard-cli /smtp-servers show *
The following output will be displayed:
ID: 374598b8
Host: localhost
Port: 25
TLS: off
Username: test
Password: test
ID: 4cec9b6f
Host: email-smtp.us-east-1.amazonaws.com
Port: 587
TLS: on
Username: AKIAIOSFODNN7EXAMPLE
Password: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
add
The add command allows you to add a new SMTP server.
To get detailed help for the add command, run the following command:
rdpguard-cli /smtp-servers add
The following output will be displayed:
To add a new SMTP server:
rdgpguard-cli /smtp-servers add <host> <port> <tls> <username> <password>
<host> - SMTP server host
<port> - SMTP server port
<tls> - TLS enabled (on/off)
<username> - SMTP server username
<password> - SMTP server password
For example, to add the localhost SMTP server with the port 25, the TLS disabled, the username "test", and the password "test", run the following command:
rdpguard-cli /smtp-servers add localhost 25 off test test
edit
The edit command allows you to edit an existing SMTP server.
To get detailed help for the edit command, run the following command:
rdpguard-cli /smtp-servers edit
The following output will be displayed:
To edit an existing SMTP server:
rdpguard-cli /smtp-servers edit <id> <property>=<value>,<property>=<value>..
<id> - SMTP server id
<property> - SMTP server property to edit (host, port, tls, username, password)
For example, to edit the localhost SMTP server with the id 374598b8 and change the port to 2525, run the following command:
rdpguard-cli /smtp-servers edit 374598b8 port=2525
delete
The delete command allows you to delete an existing SMTP server.
To get detailed help for the delete command, run the following command:
rdpguard-cli /smtp-servers delete
The following output will be displayed:
To delete an existing SMTP server:
rdpguard-cli /smtp-servers delete <id>
<id> - SMTP server id (* to delete all servers)
For example, to delete the localhost SMTP server with the id 374598b8, run the following command:
rdpguard-cli /smtp-servers delete 374598b8
import
The import command allows you to import SMTP servers.
To get detailed help for the import command, run the following command:
rdpguard-cli /smtp-servers import
The following output will be displayed:
To import entries:
rdpguard-cli /smtp-servers import <format> <file>
<format> - the format to import the entries from: json, xml, csv.
<file> - the file to import the entries from.
Please note that the existing entries will be replaced with the imported entries.
For example, to import the SMTP servers from the smtp_servers.json file, run the following command:
rdpguard-cli /smtp-servers import json smtp_servers.json
export
The export command allows you to export SMTP servers.
To get detailed help for the export command, run the following command:
rdpguard-cli /smtp-servers export
The following output will be displayed:
To export entries:
rdpguard-cli /smtp-servers export <format> <file>
<format> - the format to export the entries to: json, xml, csv.
<file> - the file to export the entries to.
For example, to export the SMTP servers to the smtp_servers.json file, run the following command:
rdpguard-cli /smtp-servers export json smtp_servers.json
Custom Actions Object
The custom-actions object allows you to manage Custom Actions.
Custom actions are used to perform specific tasks when certain events occur in RdpGuard.
To get detailed help for the custom-actions object, run the following command:
rdpguard-cli /custom-actions
The following output will be displayed:
Available commands:
show
add
edit
delete
import
export
To get detailed help for an each command please use:
rdpguard-cli /custom-actions <command>
show
The show command shows the custom actions.
To get detailed help for the show command, run the following command:
rdpguard-cli /custom-actions show
The following output will be displayed:
To show custom actions:
rdpguard-cli /custom-actions show <id>
<id> - custom action id (* to show all)
For example, to show all custom actions, run the following command:
rdpguard-cli /custom-actions show *
The following output will be displayed:
ID: e40bcdba
Enabled: True
Event:
Type: IPBlocked
Settings:
Task:
Type: SendMailTask
ServerId: 4cec9b6f
From: noreply@mydomain.com
To: example@mydomain.com
Subject: RdpGuard blocked %IP%
Body: IP: %IP%
User: %USER%
Block Date: %BLOCK_DATE%
Unblock Date: %UNBLOCK_DATE%
Protocol: %PROTOCOL%
Host: %HOSTNAME%
Total IP addresses currently blocked: %TOTAL_IP_BLOCKED%
ID: 83fb8dad
Enabled: False
Event:
Type: NewVersionAvailable
Settings:
Task:
Type: HttpPostTask
Endpoint: https://mydomain.com/rdpguard-notifications-endpoint.aspx
BasicAuth: False
Username:
Password:
Body: {
"NewVersionAvailable": {
"Version": "%NEW_VERSION_NUMBER%",
"Link": "%NEW_VERSION_LINK%",
"Host": "%HOSTNAME%"
}
}
add
The add command allows you to add a new custom action.
To get detailed help for the add command, run the following command:
rdpguard-cli /custom-actions add
The following output will be displayed:
To add a new custom action:
rdpguard-cli /custom-actions add <event> <task> <details>
<event> - IPBlocked, IPUnblocked, UserLoggedIn, NewVersionAvailable,
MaintenanceIsAboutToExpire, MaintenanceExpired
<task> - SendMailTask, HttpPostTask, ProgramExecuteTask,
AbuseIPDBReportTask, SendTelegramTask
<details> - task-specific details as comma-separated key=value pairs:
Common properties for all tasks - enabled, event, task
SendMailTask - server-id, from, to, subject, body
HttpPostTask - endpoint, basic-auth, username, password, body
ProgramExecuteTask - path, args
AbuseIPDBReportTask - api-key
SendTelegramTask - bot-token, chat-id, message
For example, to add a new custom action that sends an email notification when an IP address is blocked, run the following command:
rdpguard-cli /custom-actions add IPBlocked SendMailTask "server-id=4cec9b6f,from=test@domain.com,to=me@domain.com,subject=%IP% Blocked,body=IP: %IP%\r\nUser: %USER%"
Please note that details must be enclosed in double quotes if they contain spaces.
edit
The edit command allows you to edit an existing custom action.
To get detailed help for the edit command, run the following command:
rdpguard-cli /custom-actions edit
The following output will be displayed:
To edit an existing custom action:
rdpguard-cli /custom-actions edit <id> <details>
<id> - custom action id
<details> - task-specific details as comma-separated key=value pairs:
Common properties for all tasks - enabled, event, task
SendMailTask - server-id, from, to, subject, body
HttpPostTask - endpoint, basic-auth, username, password, body
ProgramExecuteTask - path, args
AbuseIPDBReportTask - api-key
SendTelegramTask - bot-token, chat-id, message
For example, to edit the custom action with the id e40bcdba and change the email subject, run the following command:
rdpguard-cli /custom-actions edit e40bcdba subject="RdpGuard blocked %IP% on %HOSTNAME%"
delete
The delete command allows you to delete an existing custom action.
To get detailed help for the delete command, run the following command:
rdpguard-cli /custom-actions delete
The following output will be displayed:
To delete an existing custom action:
rdpguard-cli /custom-actions delete <id>
<id> - custom action id (* to delete all actions)
For example, to delete the custom action with the id e40bcdba, run the following command:
rdpguard-cli /custom-actions delete e40bcdba
import
The import command allows you to import custom actions.
To get detailed help for the import command, run the following command:
rdpguard-cli /custom-actions import
The following output will be displayed:
To import entries:
rdpguard-cli /custom-actions import <format> <file>
<format> - the format to import the entries from: json, xml.
<file> - the file to import the entries from.
Please note that the existing entries will be replaced with the imported entries.
For example, to import the custom actions from the custom_actions.json file, run the following command:
rdpguard-cli /custom-actions import json custom_actions.json
export
The export command allows you to export custom actions.
To get detailed help for the export command, run the following command:
rdpguard-cli /custom-actions export
The following output will be displayed:
To export entries:
rdpguard-cli /custom-actions export <format> <file>
<format> - the format to export the entries to: json, xml.
<file> - the file to export the entries to.
For example, to export the custom actions to the custom_actions.json file, run the following command:
rdpguard-cli /custom-actions export json custom_actions.json
Pcap Object
The pcap object allows you to manage network adapters for packet capturing.
To get detailed help for the pcap object, run the following command:
rdpguard-cli /pcap
The following output will be displayed:
Available commands:
status
adapters
adapters-all
To get detailed help for an each command please use:
rdpguard-cli /pcap <command>
status
The status command allows you to get the pcap status.
To get the pcap status, run the following command:
rdpguard-cli /pcap status
For example, the following output will be displayed:
installed
adapters
The adapters command allows you to get the pcap network adapters.
The command returns the network adapters that are most likely to be used for packet capturing,
i.e. the adapters that are not loopback and are up, running, and connected.
To get the pcap network adapters, run the following command:
rdpguard-cli /pcap adapters
For example, the following output will be displayed:
Id: rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
Name: Network adapter 'OpenVPN Data Channel Offload' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{fb296561-b160-4977-9520-50122bb8cfa3}
Name: Network adapter 'Realtek PCIe GBE Family Controller' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{a3c5d9fa-16a7-4f9e-a95f-a27b84e2931f}
Name: Network adapter 'sing-tun Tunnel' on local host
Attributes: up, running, connected
adapters-all
The adapters-all command allows you to get all pcap network adapters.
To get all pcap network adapters, run the following command:
rdpguard-cli /pcap adapters-all
For example, the following output will be displayed:
Id: rpcap://\Device\NPF_{a00eb421-ed32-4791-b3ca-ffba833127d8}
Name: Network adapter 'WAN Miniport (Network Monitor)' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{cb4e717d-d8a1-4392-bd7d-007e7ce5cd2b}
Name: Network adapter 'WAN Miniport (IPv6)' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{cb55bd7f-ca82-4e82-b9cf-8cb7cb1db0a9}
Name: Network adapter 'WAN Miniport (IP)' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
Name: Network adapter 'OpenVPN Data Channel Offload' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{f5b8a8af-4770-4d45-991c-1802d0431c1b}
Name: Network adapter 'VirtualBox Host-Only Ethernet Adapter' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{fb296561-b160-4977-9520-50122bb8cfa3}
Name: Network adapter 'Realtek PCIe GBE Family Controller' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{a3c5d9fa-16a7-4f9e-a95f-a27b84e2931f}
Name: Network adapter 'sing-tun Tunnel' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_Loopback
Name: Network adapter 'Adapter for loopback traffic capture' on local host
Attributes: loopback, up, running, connected, disconnected, not applicable
Id: rpcap://\Device\NPF_{f591d1c3-893d-4d83-8c7c-e7ad2adde977}
Name: Network adapter 'TAP-Windows Adapter V9' on local host
Attributes: up, running, disconnected
Rdp Object
The rdp object allows you to manage RDP protection settings.
To get detailed help for the rdp object, run the following command:
rdpguard-cli /rdp
The following output will be displayed:
Available commands:
enabled
traffic-monitoring
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
exclusions
get
set
To get detailed help for an each command please use:
rdpguard-cli /rdp <command>
enabled
The enabled command allows you to enable or disable the RDP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /rdp enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /rdp enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /rdp enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the RDP protection engine, run the following command:
rdpguard-cli /rdp enabled set on
traffic-monitoring
The traffic-monitoring command allows you to enable or disable RDP traffic monitoring.
To get detailed help for the traffic-monitoring command, run the following command:
rdpguard-cli /rdp traffic-monitoring
The following output will be displayed:
To set the engine traffic monitoring:
rdpguard-cli /rdp traffic-monitoring set <on|off>
<on|off> - on to enable traffic monitoring and off otherwise
RDP TRAFFIC MONITORING IS USUALLY NOT NEEDED ON WINDOWS SERVER 2012 AND HIGHER
To get the engine traffic monitoring:
rdpguard-cli /rdp traffic-monitoring get
RdpGuard Service restart is required for these changes to take effect
For example, to enable RDP traffic monitoring, run the following command:
rdpguard-cli /rdp traffic-monitoring set on
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the RDP traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /rdp traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method:
rdpguard-cli /rdp traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method:
rdpguard-cli /rdp traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the RDP traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /rdp traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /rdp raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses:
rdpguard-cli /rdp raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses:
rdpguard-cli /rdp raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to 192.168.1.37 and 127.0.0.1, run the following command:
rdpguard-cli /rdp raw-sockets-addresses set 192.168.1.37,127.0.0.1
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /rdp pcap-adapter
The following output will be displayed:
To set the winpcap adapter for monitoring:
rdpguard-cli /rdp pcap-adapter set <adapter-id>
<adapter-id> - winpcap adapter id (use the /pcap adapters to get one)
To get the winpcap adapter for monitoring:
rdpguard-cli /rdp pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring to rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}, run the following command:
rdpguard-cli /rdp pcap-adapter set rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /rdp ports
The following output will be displayed:
To set the monitored ports:
rdpguard-cli /rdp ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports:
rdpguard-cli /rdp ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 3389, run the following command:
rdpguard-cli /rdp ports set 3389
exclusions
The exclusions command allows you to set the RDP engine exclusions.
To get detailed help for the exclusions command, run the following command:
rdpguard-cli /rdp exclusions
The following output will be displayed:
To set the engine exclusions:
rdpguard-cli /rdp exclusions set <exclusions>
<exclusions> - exclusion rules for the engine, check the documentation for the format
To get the engine exclusions:
rdpguard-cli /rdp exclusions get
RdpGuard Service restart is required for these changes to take effect
For example, to set the RDP engine exclusions to exclude logon attempts with the LogonType 4
and the TargetUserName starting with test, run the following command:
rdpguard-cli /rdp exclusions set "LogonType=4 OR TargetUserName=test*"
Please note that exclusions must be enclosed in double quotes if they contain spaces.
get
The get command allows you to get the RDP protection settings.
To get the RDP protection settings, run the following command:
rdpguard-cli /rdp get
For example, the following output will be displayed:
enabled : on
traffic-monitoring : off
traffic-monitoring-method: winpcap
raw-sockets-addresses : *
pcap-adapter : rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports : 3389
exclusions : LogonType=4 OR TargetUserName=test*
set
The set command allows you to set the RDP protection settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /rdp set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /rdp set <setting=value>,<setting=value>,..
For example, to set the RDP protection settings in bulk, run the following command:
rdpguard-cli /rdp set enabled=on,traffic-monitoring=off
Ftp Object
The ftp object allows you to manage FTP protection settings.
To get detailed help for the ftp object, run the following command:
rdpguard-cli /ftp
The following output will be displayed:
Available commands:
enabled
monitoring-method
server
logs
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /ftp <command>
enabled
The enabled command allows you to enable or disable the FTP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /ftp enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /ftp enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /ftp enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the FTP protection engine, run the following command:
rdpguard-cli /ftp enabled set on
monitoring-method
The monitoring-method command allows you to set the engine monitoring method.
To get detailed help for the monitoring-method command, run the following command:
rdpguard-cli /ftp monitoring-method
The following output will be displayed:
To set the engine monitoring method:
rdpguard-cli /ftp monitoring-method set <method>
<method> - engine monitoring method: logs, traffic
To get the engine monitoring method:
rdpguard-cli /ftp monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitoring method to logs, run the following command:
rdpguard-cli /ftp monitoring-method set logs
server
The server command allows you to set the FTP server type.
The server must be set if you want to use the logs monitoring method.
To get detailed help for the server command, run the following command:
rdpguard-cli /ftp server
The following output will be displayed:
To set the FTP server type:
rdpguard-cli /ftp server set <server-type>
<server-type> - FTP server type:
iis : Microsoft IIS
filezilla : FileZilla
axigen : Axigen Mail Server (FTP-BACKUP)
solarwinds: SolarWinds SFTP/SCP
serv-u : Serv-U
To get the FTP server type:
rdpguard-cli /ftp server get
RdpGuard Service restart is required for these changes to take effect
For example, to set the FTP server type to Microsoft IIS, run the following command:
rdpguard-cli /ftp server set iis
logs
The logs command allows you to set the the engine monitored logs.
The logs must be set if you want to use the logs monitoring method.
To get detailed help for the logs command, run the following command:
rdpguard-cli /ftp logs
The following output will be displayed:
To set the the engine monitored logs:
rdpguard-cli /ftp logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs:
rdpguard-cli /ftp logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\Temp\iis\ftp-1 and C:\Temp\iis\ftp-2, run the following command:
rdpguard-cli /ftp logs set C:\Temp\iis\ftp-1,C:\Temp\iis\ftp-2
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /ftp traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method:
rdpguard-cli /ftp traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method:
rdpguard-cli /ftp traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /ftp traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /ftp raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses:
rdpguard-cli /ftp raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses:
rdpguard-cli /ftp raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /ftp raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /ftp pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring:
rdpguard-cli /ftp pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring:
rdpguard-cli /ftp pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}, run the following command:
rdpguard-cli /ftp pcap-adapter set rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /ftp ports
The following output will be displayed:
To set the monitored ports:
rdpguard-cli /ftp ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports:
rdpguard-cli /ftp ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 21, run the following command:
rdpguard-cli /ftp ports set 21
get
The get command allows you to get the current FTP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /ftp get
The following output will be displayed:
enabled : on
monitoring-method : logs
server : Microsoft IIS
logs : C:\Temp\iis\ftp-1,C:\Temp\iis\ftp-2
traffic-monitoring-method: rawsockets
raw-sockets-addresses : *
pcap-adapter : rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
ports : 21
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /ftp set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /ftp set <setting=value>,<setting=value>,..
HTTP Object
The http object allows you to manage HTTP protection settings.
To get detailed help for the http object, run the following command:
rdpguard-cli /http
The following output will be displayed:
Available commands:
enabled
logs
rules
use-x-forwarded-for-field
get
set
To get detailed help for an each command please use:
rdpguard-cli /http <command>
enabled
The enabled command allows you to enable or disable the
HTTP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /http enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /http enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /http enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the HTTP protection engine, run the following command:
rdpguard-cli /http enabled set on
logs
The logs command allows you to set the engine monitored logs.
To get detailed help for the logs command, run the following command:
rdpguard-cli /http logs
The following output will be displayed:
To set the engine monitored logs:
rdpguard-cli /http logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs:
rdpguard-cli /http logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\inetpub\logs\LogFiles\W3SVC1
and C:\inetpub\logs\LogFiles\W3SVC2, run the following command:
rdpguard-cli /http logs set C:\inetpub\logs\LogFiles\W3SVC1,C:\inetpub\logs\LogFiles\W3SVC2
rules
The rules command allows you to set the detection rules for the HTTP protection engine.
To get detailed help for the rules command, run the following command:
rdpguard-cli /http rules
The following output will be displayed:
To set the detection rules:
rdpguard-cli /http rules set <rules>
<rules> - HTTP detection rules
To get the detection rules:
rdpguard-cli /http rules get
RdpGuard Service restart is required for these changes to take effect
For example, to set detection rules, run the following command:
rdpguard-cli /http rules set "Status=404,Threshold=15\r\nUri=*/.aws*\r\nUri=*/.env*\r\nUri=*/.git*\r\nUri=*/.hg/*\r\nUri=*/.svn*\r\nUri=*/.vscode*"
use-x-forwarded-for-field
The use-x-forwarded-for-field command allows you to set the Use X-Forwarded-For Field flag.
To get detailed help for the use-x-forwarded-for-field command, run the following command:
rdpguard-cli /rdweb use-x-forwarded-for-field
The following output will be displayed:
To set the Use X-Forwarded-For Field flag status:
rdpguard-cli /http use-x-forwarded-for-field set <on|off>
<on|off> - on to use the X-Forwarded-For header to read client IP address and off otherwise
DO NOT ENABLE THIS OPTION UNLESS YOU ARE HOSTING YOUR WEBSITE BEHIND A PROXY
To get the Use X-Forwarded-For Field flag status:
rdpguard-cli /http use-x-forwarded-for-field get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the Use X-Forwarded-For Field flag, run the following command:
rdpguard-cli /http use-x-forwarded-for-field set on
get
The get command allows you to get the current HTTP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /http get
The following output will be displayed:
enabled: off
logs : C:\inetpub\logs\LogFiles\W3SVC1,C:\inetpub\logs\LogFiles\W3SVC2
rules :
# This is comment, it starts with the # symbol
# Treat each 15 requests with HTTP status 404 as scan attempt
Status=404,Threshold=15
# secrets, environment variables, repository metadata scan
Uri=*/.aws*
Uri=*/.env*
Uri=*/.git*
Uri=*/.hg/*
Uri=*/.svn*
Uri=*/.vscode*
# scan for backups, uncomment if you do not host these archive types
#Uri=/*.bz2
#Uri=/*.tar.gz
#Uri=/*.tgz
#Uri=/*.7z
#Uri=/*.zip, Uri!=/download/*
#Uri=/*.rar
# scan for wordpress files, uncomment if necessary
#Uri=*/wp-content/*
#Uri=*/wp-admin/*
#Uri=*/wp-includes/*
#Uri=*/wp-json/*
#Uri=*/wp-config*
#Uri=*/wp-login.php*
use-x-forwarded-for-field : off
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /http set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /http set <setting=value>,<setting=value>,..
IMAP Object
The imap object allows you to manage IMAP protection settings.
To get detailed help for the imap object, run the following command:
rdpguard-cli /imap
The following output will be displayed:
Available commands:
enabled
monitoring-method
server
logs
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /imap <command>
enabled
The enabled command allows you to enable or disable the IMAP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /imap enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /imap enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /imap enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the IMAP protection engine, run the following command:
rdpguard-cli /imap enabled set on
monitoring-method
The monitoring-method command allows you to set the engine monitoring method.
To get detailed help for the monitoring-method command, run the following command:
rdpguard-cli /imap monitoring-method
The following output will be displayed:
To set the engine monitoring method:
rdpguard-cli /imap monitoring-method set <method>
<method> - engine monitoring method: logs, traffic
To get the engine monitoring method:
rdpguard-cli /imap monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitoring method to logs (recommended), run the following command:
rdpguard-cli /imap monitoring-method set logs
server
The server command allows you to set the IMAP server type.
The server must be set if you want to use the logs monitoring method.
To get detailed help for the server command, run the following command:
rdpguard-cli /imap server
The following output will be displayed:
To set the IMAP server type:
rdpguard-cli /imap server set <server-type>
<server-type> - IMAP server type:
mailenable : MailEnable
kerio : Kerio Connect
hmailserver: hMailServer
exchange : MS Exchange
axigen : Axigen Mail Server
mdaemon : MDaemon Email Server
smartermail: SmarterMail
To get the IMAP server type:
rdpguard-cli /imap server get
RdpGuard Service restart is required for these changes to take effect
For example, to set the IMAP server type to SmarterMail, run the following command:
rdpguard-cli /imap server set smartermail
logs
The logs command allows you to set the engine monitored logs.
The logs must be set if you want to use the logs monitoring method.
To get detailed help for the logs command, run the following command:
rdpguard-cli /imap logs
The following output will be displayed:
To set the the engine monitored logs:
rdpguard-cli /imap logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs:
rdpguard-cli /imap logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\Temp\smartermail, run the following command:
rdpguard-cli /imap logs set C:\Temp\smartermail
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /imap traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method:
rdpguard-cli
/imap traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method:
rdpguard-cli /imap traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /imap traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /imap raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses:
rdpguard-cli /imap raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses:
rdpguard-cli /imap raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /imap raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /imap pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring:
rdpguard-cli /imap pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring:
rdpguard-cli /imap pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:
rdpguard-cli /imap pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /imap ports
The following output will be displayed:
To set the monitored ports:
rdpguard-cli /imap ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports:
rdpguard-cli /imap ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 143, run the following command:
rdpguard-cli /imap ports set 143
get
The get command allows you to get the current IMAP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /imap get
The following output will be displayed:
enabled : off
monitoring-method : logs
server : SmarterMail
logs : C:\Temp\smartermail
traffic-monitoring-method: rawsockets
raw-sockets-addresses : *
pcap-adapter : rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports : 143
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /imap set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /imap set <setting=value>,<setting=value>,..
POP3 Object
The pop3 object allows you to manage POP3 protection settings.
To get detailed help for the pop3 object, run the following command:
rdpguard-cli /pop3
The following output will be displayed:
Available commands:
enabled
monitoring-method
server
logs
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /pop3 <command>
enabled
The enabled command allows you to enable or disable the POP3 protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /pop3 enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /pop3 enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /pop3 enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the POP3 protection engine, run the following command:
rdpguard-cli /pop3 enabled set on
monitoring-method
The monitoring-method command allows you to set the engine monitoring method.
To get detailed help for the monitoring-method command, run the following command:
rdpguard-cli /pop3 monitoring-method
The following output will be displayed:
To set the engine monitoring method:
rdpguard-cli /pop3 monitoring-method set <method>
<method> - engine monitoring method: logs, traffic
To get the engine monitoring method:
rdpguard-cli /pop3 monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitoring method to logs (recommended), run the following command:
rdpguard-cli /pop3 monitoring-method set logs
server
The server command allows you to set the POP3 server type.
The server must be set if you want to use the logs monitoring method.
To get detailed help for the server command, run the following command:
rdpguard-cli /pop3 server
The following output will be displayed:
To set the POP3 server type:
rdpguard-cli /pop3 server set <server-type>
<server-type> - POP3 server type:
mailenable : MailEnable
kerio : Kerio Connect
hmailserver: hMailServer
exchange : MS Exchange
axigen : Axigen Mail Server
mdaemon : MDaemon Email Server
smartermail: SmarterMail
unknown : Unknown
To get the POP3 server type:
rdpguard-cli /pop3 server get
RdpGuard Service restart is required for these changes to take effect
For example, to set the POP3 server type to hMailServer, run the following command:
rdpguard-cli /pop3 server set hmailserver
logs
The logs command allows you to set the engine monitored logs.
The logs must be set if you want to use the logs monitoring method.
To get detailed help for the logs command, run the following command:
rdpguard-cli /pop3 logs
The following output will be displayed:
To set the the engine monitored logs:
rdpguard-cli /pop3 logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs:
rdpguard-cli /pop3 logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\Temp\hmailserver, run the following command:
rdpguard-cli /pop3 logs set C:\Temp\hmailserver
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To
get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /pop3 traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method:
rdpguard-cli /pop3 traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method:
rdpguard-cli /pop3 traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /pop3 traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /pop3 raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses:
rdpguard-cli /pop3 raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses:
rdpguard-cli /pop3 raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /pop3 raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /pop3 pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring:
rdpguard-cli /pop3 pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring:
rdpguard-cli /pop3 pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:
rdpguard-cli /pop3 pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /pop3 ports
The following output will be displayed:
To set the monitored ports:
rdpguard-cli /pop3 ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports:
rdpguard-cli /pop3 ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 110, run the following command:
rdpguard-cli /pop3 ports set 110
get
The get command allows you to get the current POP3 protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /pop3 get
The following output will be displayed:
enabled : off
monitoring-method : logs
server : hMailServer
logs : c:\Temp\hmailserver
traffic-monitoring-method: rawsockets
raw-sockets-addresses : *
pcap-adapter :
ports : 110
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /pop3 set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /pop3 set <setting=value>,<setting=value>,..
SMTP Object
The smtp object allows you to manage SMTP protection settings.
To get detailed help for the smtp object, run the following command:
rdpguard-cli /smtp
The following output will be displayed:
Available commands:
enabled
monitoring-method
server
logs
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
advanced-settings
To get detailed help for an each command please use:
rdpguard-cli /smtp <command>
enabled
The enabled command allows you to enable or disable the SMTP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /smtp enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /smtp enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /smtp enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the SMTP protection engine, run the following command:
rdpguard-cli /smtp enabled set on
monitoring-method
The monitoring-method command allows you to set the engine monitoring method.
To get detailed help for the monitoring-method command, run the following command:
rdpguard-cli /smtp monitoring-method
The following output will be displayed:
To set the engine monitoring method:
rdpguard-cli /smtp monitoring-method set <method>
<method> - engine monitoring method: logs, traffic
To get the engine monitoring method:
rdpguard-cli /smtp monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitoring method to logs (recommended), run the following command:
rdpguard-cli /smtp monitoring-method set logs
server
The server command allows you to set the SMTP server type.
The server must be set if you want to use the logs monitoring method.
To get detailed help for the server command, run the following command:
rdpguard-cli /smtp server
The following output will be displayed:
To set the SMTP server type:
rdpguard-cli /smtp server set <server-type>
<server-type> - SMTP server type:
mailenable : MailEnable
kerio : Kerio Connect
hmailserver: hMailServer
exchange : MS Exchange
domino : IBM Domino
axigen : Axigen Mail Server
mdaemon : MDaemon Email Server
smartermail: SmarterMail
To get the SMTP server type:
rdpguard-cli /smtp server get
RdpGuard Service restart is required for these changes to take effect
For example, to set the SMTP server type to hMailServer, run the following command:
rdpguard-cli /smtp server set hmailserver
logs
The logs command allows you to set the engine monitored logs.
The logs must be set if you want to use the logs monitoring method.
To get detailed help for the logs command, run the following command:
rdpguard-cli /smtp logs
The following output will be displayed:
To set the the engine monitored logs:
rdpguard-cli /smtp logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs:
rdpguard-cli /smtp logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\Temp\hmailserver, run the following command:
rdpguard-cli /smtp logs set C:\Temp\hmailserver
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /smtp traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method:
rdpguard-cli /smtp traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method:
rdpguard-cli /smtp traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /smtp traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /smtp raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses:
rdpguard-cli /smtp raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses:
rdpguard-cli /smtp raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /smtp raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /smtp pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring:
rdpguard-cli /smtp pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring:
rdpguard-cli /smtp pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:
rdpguard-cli /smtp pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /smtp ports
The following output will be displayed:
To set the monitored ports:
rdpguard-cli /smtp ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports:
rdpguard-cli /smtp ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 25, run the following command:
rdpguard-cli /smtp ports set 25
get
The get command allows you to get the current SMTP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /smtp get
The following output will be displayed:
enabled : on
monitoring-method : logs
server : hMailServer
logs : C:\Temp\hmailserver
traffic-monitoring-method: rawsockets
raw-sockets-addresses : *
pcap-adapter :
ports : 25
advanced-settings : failed-web-admin,failed-web-mail,username-enum,relay-attempts,spam-attacks,dns-blacklisted,no-reverse-dns
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /smtp set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /smtp set <setting=value>,<setting=value>,..
advanced-settings
The advanced-settings command allows you to set advanced SMTP protection settings.
To get detailed help for the advanced-settings command, run the following command:
rdpguard-cli /smtp advanced-settings
The following output will be displayed:
To set advanced SMTP protection settings:
rdpguard-cli /smtp advanced-settings set <settings>
<settings> - comma-separated list of advanced settings:
failed-web-admin : Failed web admin logins
failed-web-mail : Failed web mail logins
username-enum : Username enumeration attempts
relay-attempts : Relay attempts
spam-attacks : Spam attacks
dns-blacklisted : DNS blacklisted IPs
no-reverse-dns : No reverse DNS entries
To get the advanced SMTP protection settings:
rdpguard-cli /smtp advanced-settings get
RdpGuard Service restart is required for these changes to take effect
For example, to set the advanced settings to monitor failed web admin logins and spam attacks, run the following command:
rdpguard-cli /smtp advanced-settings set failed-web-admin,spam-attacks
MySQL Object
The mysql object allows you to manage MySQL protection settings.
To get detailed help for the mysql object, run the following command:
rdpguard-cli /mysql
The following output will be displayed:
Available commands:
enabled
log-type
config-location
general-log-location
get
set
To get detailed help for an each command please use:
rdpguard-cli /mysql <command>
enabled
The enabled command allows you to enable or disable the MySQL protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /mysql enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /mysql enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /mysql enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the MySQL protection engine, run the following command:
rdpguard-cli /mysql enabled set on
log-type
The log-type command allows you to set the MySQL log type.
To get detailed help for the log-type command, run the following command:
rdpguard-cli /mysql log-type
The following output will be displayed:
To set the MySQL log type:
rdpguard-cli /mysql log-type set <log-type>
<log-type> - application, general
To get the MySQL log type:
rdpguard-cli /mysql log-type get
RdpGuard Service restart is required for these changes to take effect
For example, to set the MySQL log type to application, run the following command:
rdpguard-cli /mysql log-type set application
config-location
The config-location command allows you to set the MySQL config location.
To get detailed help for the config-location command, run the following command:
rdpguard-cli /mysql config-location
The following output will be displayed:
To set the MySQL config location:
rdpguard-cli /mysql config-location set <location>
<location> - the location of MySQL configuration file
specify "auto" to automatically detect the location
To get the MySQL config location:
rdpguard-cli /mysql config-location get
RdpGuard Service restart is required for these changes to take effect
For example, to set the MySQL config location to C:\MySql, run the following command:
rdpguard-cli /mysql config-location set C:\MySql
general-log-location
The general-log-location command allows you to set the MySQL general log file location.
To get detailed help for the general-log-location command, run the following command:
rdpguard-cli /mysql general-log-location
The following output will be displayed:
To set the MySQL general log file location:
rdpguard-cli /mysql general-log-location set <location>
<location> - the location of MySQL general log file
specify "auto" to automatically detect the location
To get the MySQL general log file location:
rdpguard-cli /mysql general-log-location get
RdpGuard Service restart is required for these changes to take effect
For example, to set the MySQL general log file location to auto, run the following command:
rdpguard-cli /mysql general-log-location set auto
get
The get command allows you to get the current MySQL protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /mysql get
The following output will be displayed:
enabled : off
log-type : Application
config-location : C:\Temp
general-log-location: auto
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /mysql set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /mysql set <setting=value>,<setting=value>,..
MSSQL Object
The mssql object allows you to manage MSSQL protection settings.
To get detailed help for the mssql object, run the following command:
rdpguard-cli /mssql
The following output will be displayed:
Available commands:
enabled
events
18456-exclusions
get
set
To get detailed help for an each command please use:
rdpguard-cli /mssql <command>
enabled
The enabled command allows you to enable or disable the MSSQL protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /mssql enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /mssql enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /mssql enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the MSSQL protection engine, run the following command:
rdpguard-cli /mssql enabled set on
events
The events command allows you to set the events to monitor.
To get detailed help for the events command, run the following command:
rdpguard-cli /mssql events
The following output will be displayed:
To set the events to monitor:
rdpguard-cli /mssql events set <ids>
<ids> - comma-separated list of event IDs to monitor
supported IDs are: 18456, 17832, 17836
To get the events to monitor:
rdpguard-cli /mssql events get
RdpGuard Service restart is required for these changes to take effect
For example, to set the events to monitor to 18456, 17832, and 17836, run the following command:
rdpguard-cli /mssql events set 18456,17832,17836
18456-exclusions
The 18456-exclusions command allows you to set the exclusions for event ID 18456.
To get detailed help for the 18456-exclusions command, run the following command:
rdpguard-cli /mssql 18456-exclusions
The following output will be displayed:
To set the exclusions for event ID 18456:
rdpguard-cli /mssql 18456-exclusions set <exclusions>
<exclusions> - comma-separated list of exclusions for event ID 18456
event is skipped if the Reason field contains any of the exclusion patterns
To get the exclusions for event ID 18456:
rdpguard-cli /mssql 18456-exclusions get
RdpGuard Service restart is required for these changes to take effect
For example, to set the exclusions for event ID 18456, run the following command:
rdpguard-cli /mssql 18456-exclusions set exclusion1,exclusion2
get
The get command allows you to get the current MSSQL protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /mssql get
The following output will be displayed:
enabled : off
events : 18456,17832,17836
18456-exclusions:
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /mssql set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /mssql set <setting=value>,<setting=value>,..
SIP Object
The sip object allows you to manage SIP protection settings.
To get detailed help for the sip object, run the following command:
rdpguard-cli /sip
The following output will be displayed:
Available commands:
enabled
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /sip <command>
enabled
The enabled command allows you to enable or disable the
SIP protection
engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /sip enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /sip enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /sip enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the SIP protection engine, run the following command:
rdpguard-cli /sip enabled set on
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /sip traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method:
rdpguard-cli /sip traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method:
rdpguard-cli /sip traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /sip traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /sip raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses:
rdpguard-cli /sip raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses:
rdpguard-cli /sip raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /sip raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /sip pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring:
rdpguard-cli /sip pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring:
rdpguard-cli /sip pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:
rdpguard-cli /sip pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /sip ports
The following output will be displayed:
To set the monitored ports:
rdpguard-cli /sip ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports:
rdpguard-cli /sip ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 5060, run the following command:
rdpguard-cli /sip ports set 5060
get
The get command allows you to get the current SIP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /sip get
The following output will be displayed:
enabled : off
traffic-monitoring-method: winpcap
raw-sockets-addresses : *
pcap-adapter : rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports : 5060
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /sip set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /sip set <setting=value>,<setting=value>,..
The webforms object allows you to manage ASP.NET web forms protection settings.
To get detailed help for the webforms object, run the following command:
rdpguard-cli /webforms
The following output will be displayed:
Available commands:
enabled
rules
get
set
To get detailed help for an each command please use:
rdpguard-cli /webforms <command>
The enabled command allows you to enable or disable the ASP.NET web forms protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /webforms enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /webforms enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /webforms enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the WebForms protection engine, run the following command:
rdpguard-cli /webforms enabled set on
The rules command allows you to set the detection rules.
To get detailed help for the rules command, run the following command:
rdpguard-cli /webforms rules
The following output will be displayed:
To set the detection rules:
rdpguard-cli /webforms rules set <rules>
<rules> - webforms detection rules
To get the detection rules:
rdpguard-cli /webforms rules get
RdpGuard Service restart is required for these changes to take effect
For example, to set the detection rules, run the following command:
rdpguard-cli /webforms rules set EventData1=3003,EventData18=HttpRequestValidationException\r\nEventData1=3005,EventData18=HttpException,EventData19=*ValidateInputIfRequiredByConfig*
Please note, new line characters \r\n are used to separate the rules.
The get command allows you to get the current WebForms protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /webforms get
The following output will be displayed:
enabled: off
rules :
EventData1=3003,EventData18=HttpRequestValidationException
EventData1=3005,EventData18=HttpException,EventData19=*ValidateInputIfRequiredByConfig*
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /webforms set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /webforms set <setting=value>,<setting=value>,..
RDWeb Object
The rdweb object allows you to manage RDWeb protection settings.
To get detailed help for the rdweb object, run the following command:
rdpguard-cli /rdweb
The following output will be displayed:
Available commands:
enabled
log-location
use-x-forwarded-for-field
get
set
To get detailed help for an each command please use:
rdpguard-cli /rdweb <command>
enabled
The enabled command allows you to enable or disable the RDWeb protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /rdweb enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /rdweb enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /rdweb enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the RDWeb protection engine, run the following command:
rdpguard-cli /rdweb enabled set on
log-location
The log-location command allows you to set the IIS log files location for RDWeb.
To get detailed help for the log-location command, run the following command:
rdpguard-cli /rdweb log-location
The following output will be displayed:
To set the IIS log files location:
rdpguard-cli /rdweb log-location set <location>
<location> - the location of RD Web Access website log files
use 'auto' to automatically discover the log files location
To get the IIS log files location:
rdpguard-cli /rdweb log-location get
RdpGuard Service restart is required for these changes to take effect
For example, to set the log files location to 'auto', run the following command:
rdpguard-cli /rdweb log-location set auto
use-x-forwarded-for-field
The use-x-forwarded-for-field command allows you to set the Use X-Forwarded-For Field flag.
To get detailed help for the use-x-forwarded-for-field command, run the following command:
rdpguard-cli /rdweb use-x-forwarded-for-field
The following output will be displayed:
To set the Use X-Forwarded-For Field flag:
rdpguard-cli /rdweb use-x-forwarded-for-field set <on|off>
<on|off> - on to use the X-Forwarded-For Field to read client IP address and off otherwise
DO NOT ENABLE THIS OPTION UNLESS YOU ARE HOSTING YOUR RD-WEB ACCESS WEBSITE BEHIND A PROXY
To get the Use X-Forwarded-For Field flag status:
rdpguard-cli /rdweb use-x-forwarded-for-field get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the Use X-Forwarded-For Field feature, please run the following command:
rdpguard-cli /rdweb use-x-forwarded-for-field set on
get
The get command allows you to get the current RDWeb protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /rdweb get
The following output will be displayed:
enabled : on
log-location : auto
use-x-forwarded-for-field : off
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /rdweb set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /rdweb set <setting=value>,<setting=value>,..
MSVPN Object
The msvpn object allows you to manage MSVPN protection settings.
To get detailed help for the msvpn object, run the following command:
rdpguard-cli /msvpn
The following output will be displayed:
Available commands:
enabled
get
set
To get detailed help for an each command please use:
rdpguard-cli /msvpn <command>
enabled
The enabled command allows you to enable or disable the
MSVPN protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /msvpn enabled
The following output will be displayed:
To set the engine Enabled status:
rdpguard-cli /msvpn enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status:
rdpguard-cli /msvpn enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the MSVPN protection engine, run the following command:
rdpguard-cli /msvpn enabled set on
get
The get command allows you to get the current MSVPN protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /msvpn get
The following output will be displayed:
enabled: off
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /msvpn set
The following output will be displayed:
To set engine settings in bulk:
rdpguard-cli /msvpn set <setting=value>,<setting=value>,..
|
