RdpGuard Command Line Interface
Starting from version 9.7.1, RdpGuard has a command line interface (CLI) that allows you to manage
all RdpGuard settings from the command line.
To start the CLI, open a command prompt and run the following command:
cd %programfiles(x86)%\RdpGuard
rdpguard-cli
The following output will be displayed:
Usage:
rdpguard-cli /<object> <command> [parameters]
Available objects:
options
blocking
ipcloud
geoip
ui
proxy
log
whitelist
blacklist
ip
diagnostics
license
smtp-servers
custom-actions
pcap
rdp
ftp
http
imap
pop3
smtp
mysql
mssql
sip
webforms
rdweb
msvpn
To get detailed help for an each object please use:
rdpguard-cli /<object>
Options Object
The options object allows you to manage RdpGuard settings.
To get detailed help for the options object, run the following command:
rdpguard-cli /options
The following output will be displayed:
Available commands:
new-version-check
To get detailed help for an each command please use:
rdpguard-cli /options <command>
new-version-check
The new-version-check command allows you to enable or disable automatic new version check.
To get detailed help for the new-version-check command, run the following command:
rdpguard-cli /options new-version-check
The following output will be displayed:
To set the new version check, please use the following syntax:
rdpguard-cli /options new-version-check set on|off
on|off - on to enable new version check and off otherwise
To get the new version check, please use the following syntax:
rdpguard-cli /options new-version-check get
For example, to enable new version check, run the following command:
rdpguard-cli /options new-version-check set on
Blocking Object
The blocking object allows you to manage IP blocking settings.
To get detailed help for the blocking object, run the following command:
rdpguard-cli /blocking
The following output will be displayed:
Available commands:
max-failed-logins
failed-logins-ttl
duration
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /blocking <command>
max-failed-logins
The max-failed-logins command allows you to set the maximum number of failed login attempts per IP address.
To get detailed help for the max-failed-logins command, run the following command:
rdpguard-cli /blocking max-failed-logins
The following output will be displayed:
To set the max failed login attempts, please use the following syntax:
rdpguard-cli /blocking max-failed-logins set n
n - the number of failed login attempts per single IP address allowed
To get the max failed login attempts, please use the following syntax:
rdpguard-cli /blocking max-failed-logins get
For example, to set the maximum number of failed login attempts per IP address to 5, run the following command:
rdpguard-cli /blocking max-failed-logins set 5
failed-logins-ttl
The failed-logins-ttl command allows you to set the time period during which failed login attempts information is stored.
To get detailed help for the failed-logins-ttl command, run the following command:
rdpguard-cli /blocking failed-logins-ttl
The following output will be displayed:
To set the failed login attempts TTL, please use the following syntax:
rdpguard-cli /blocking failed-logins-ttl set n
n - the number of hours the failed login attempts information stored
To get the failed login attempts TTL, please use the following syntax:
rdpguard-cli /blocking failed-logins-ttl get
For example, to set the time period during which failed login attempts information is stored to 24 hours, run the following command:
rdpguard-cli /blocking failed-logins-ttl set 24
duration
The duration command allows you to set the time period during which an IP address remains blocked.
To get detailed help for the duration command, run the following command:
rdpguard-cli /blocking duration
The following output will be displayed:
To set the blocking duration, please use the following syntax:
rdpguard-cli /blocking duration set n
n - the number of hours the IP address remains blocked
To get the blocking duration, please use the following syntax:
rdpguard-cli /blocking duration get
For example, to set the time period during which an IP address remains blocked to 24 hours, run the following command:
rdpguard-cli /blocking duration set 24
ports
The ports command allows you to set the ports that are denied for blocked IP addresses.
To get detailed help for the ports command, run the following command:
rdpguard-cli /blocking ports
The following output will be displayed:
To set which ports are denied for blocked IP, please use the following syntax:
rdpguard-cli /blocking ports set p
p - comma separated list of ports, * mean all ports (recommended)
To get which ports are denied for blocked IP, please use the following syntax:
rdpguard-cli /blocking ports get
All IP addresses are unblocked if you change this option
For example, to set all ports as denied for blocked IP addresses, run the following command:
rdpguard-cli /blocking ports set *
Please note that all IP addresses are unblocked if you change this option.
get
The get command allows you to get the current blocking settings.
To get all blocking settings, run the following command:
rdpguard-cli /blocking get
The following output will be displayed:
max-failed-logins: 3
failed-logins-ttl: 24
duration : 24
ports : *
set
The set command allows you to set multiple blocking settings at once.
To set multiple blocking settings at once, run the following command:
rdpguard-cli /blocking set <setting=value>,<setting=value>,...
For example, to set the maximum number of failed login attempts per IP address to 5
and the ports that are denied for blocked IP addresses to all ports, run the following command:
rdpguard-cli /blocking set max-failed-logins=5,ports=*
Please note that setting=value pairs are separated by comma and there are no spaces between them.
IP Cloud Object
The ipcloud object allows you to manage IP Cloud settings.
To get detailed help for the ipcloud object, run the following command:
rdpguard-cli /ipcloud
The following output will be displayed:
Available commands:
enabled
To get detailed help for an each command please use:
rdpguard-cli /ipcloud <command>
enabled
The enabled command allows you to enable or disable IP Cloud.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /ipcloud enabled
The following output will be displayed:
To set the IP Cloud enabled status, please use the following syntax:
rdpguard-cli /ipcloud enabled set on|off
on|off - on to enable IP Cloud and off otherwise
To get the IP Cloud enabled status, please use the following syntax:
rdpguard-cli /ipcloud enabled get
For example, to enable IP Cloud, run the following command:
rdpguard-cli /ipcloud enabled set on
GeoIP Object
The geoip object allows you to manage Geo-IP settings.
To get detailed help for the geoip object, run the following command:
rdpguard-cli /geoip
The following output will be displayed:
Available commands:
enabled
mode
db-version
countries
dry-run
allow-loopback
allow-local
allow-whitelisted
get
set
To get detailed help for an each command please use:
rdpguard-cli /geoip <command>
enabled
The enabled command allows you to enable or disable Geo-IP.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /geoip enabled
The following output will be displayed:
To set the Geo-IP enabled status, please use the following syntax:
rdpguard-cli /geoip enabled set on|off
on|off - on to enable Geo-IP and off otherwise
To get the Geo-IP enabled status, please use the following syntax:
rdpguard-cli /geoip enabled get
For example, to enable Geo-IP, run the following command:
rdpguard-cli /geoip enabled set on
mode
The mode command allows you to set the Geo-IP mode.
To get detailed help for the mode command, run the following command:
rdpguard-cli /geoip mode
The following output will be displayed:
To set the Geo-IP mode, please use the following syntax:
rdpguard-cli /geoip mode set block|allow
block - block specific countries (all others are allowed)
allow - allow specific countries (all others are denied)
To get the Geo-IP mode, please use the following syntax:
rdpguard-cli /geoip mode get
For example, to set the Geo-IP mode to block, run the following command:
rdpguard-cli /geoip mode set block
db-version
The db-version command allows you to set the Geo-IP database version.
To get detailed help for the db-version command, run the following command:
rdpguard-cli /geoip db-version
The following output will be displayed:
To set the Geo-IP database version, please use the following syntax:
rdpguard-cli /geoip db-version set lite|max
lite - fewer entries, lower impact on OS performance, less accurate
max - more entries, higher impact on OS performance, more accurate
To get the Geo-IP database version, please use the following syntax:
rdpguard-cli /geoip db-version get
For example, to set the Geo-IP database version to max, run the following command:
rdpguard-cli /geoip db-version set max
countries
The countries command allows you to set the Geo-IP countries.
To get detailed help for the countries command, run the following command:
rdpguard-cli /geoip countries
The following output will be displayed:
To set the Geo-IP countries, please use the following syntax:
rdpguard-cli /geoip countries set list
list - comma-separated list of country codes
To get the Geo-IP countries, please use the following syntax:
rdpguard-cli /geoip countries get
For example, to set the Geo-IP countries to US, run the following command:
rdpguard-cli /geoip countries set us
dry-run
The dry-run command allows you to enable or disable Geo-IP Dry Run mode.
To get detailed help for the dry-run command, run the following command:
rdpguard-cli /geoip dry-run
The following output will be displayed:
To set the Geo-IP Dry Run flag, please use the following syntax:
rdpguard-cli /geoip dry-run set on|off
on|off - on to enable Dry Run mode and off otherwise
To get the Geo-IP Dry Run flag, please use the following syntax:
rdpguard-cli /geoip dry-run get
For example, to enable Geo-IP Dry Run mode, run the following command:
rdpguard-cli /geoip dry-run set on
allow-loopback
The allow-loopback command allows you to enable or disable Geo-IP Allow Loopback flag.
To get detailed help for the allow-loopback command, run the following command:
rdpguard-cli /geoip allow-loopback
The following output will be displayed:
To set the Geo-IP Allow Loopback flag, please use the following syntax:
rdpguard-cli /geoip allow-loopback set on|off
on|off - on to allow loopback connections and off otherwise
To get the Geo-IP Allow Loopback flag, please use the following syntax:
rdpguard-cli /geoip allow-loopback get
For example, to enable Geo-IP Allow Loopback flag, run the following command:
rdpguard-cli /geoip allow-loopback set on
allow-local
The allow-local command allows you to enable or disable Geo-IP Allow Local flag.
To get detailed help for the allow-local command, run the following command:
rdpguard-cli /geoip allow-local
The following output will be displayed:
To set the Geo-IP Allow Local flag, please use the following syntax:
rdpguard-cli /geoip allow-local set on|off
on|off - on to allow local connections and off otherwise
To get the Geo-IP Allow Local flag, please use the following syntax:
rdpguard-cli /geoip allow-local get
For example, to enable Geo-IP Allow Local flag, run the following command:
rdpguard-cli /geoip allow-local set on
allow-whitelisted
The allow-whitelisted command allows you to enable or disable Geo-IP Allow Whitelisted flag.
To get detailed help for the allow-whitelisted command, run the following command:
rdpguard-cli /geoip allow-whitelisted
The following output will be displayed:
To set the Geo-IP Allow Whitelisted flag, please use the following syntax:
rdpguard-cli /geoip allow-whitelisted set on|off
on|off - on to allow whitelisted connections and off otherwise
To get the Geo-IP Allow Whitelisted flag, please use the following syntax:
rdpguard-cli /geoip allow-whitelisted get
For example, to enable Geo-IP Allow Whitelisted flag, run the following command:
rdpguard-cli /geoip allow-whitelisted set on
get
The get command allows you to get the current Geo-IP settings.
To get all Geo-IP settings, run the following command:
rdpguard-cli /geoip get
The following output will be displayed:
enabled : on
mode : block
db-version : max
countries : us
dry-run : off
allow-loopback : on
allow-local : on
allow-whitelisted: on
set
The set command allows you to set multiple Geo-IP settings at once.
To set multiple Geo-IP settings at once, run the following command:
rdpguard-cli /geoip set <setting=value>,<setting=value>,...
For example, to set the Geo-IP mode to block and the Geo-IP countries to XX, run the following command:
rdpguard-cli /geoip set mode=block,countries=xx
Please note that setting=value pairs are separated by comma and there are no spaces between them.
UI Object
The ui object allows you to manage RdpGuard UI settings.
To get detailed help for the ui object, run the following command:
rdpguard-cli /ui
The following output will be displayed:
Available commands:
icon-in-tray
minimize-to-tray
close-to-tray
status-bar
event-log
entries-per-page
color-theme
get
set
To get detailed help for an each command please use:
rdpguard-cli /ui <command>
icon-in-tray
The icon-in-tray command allows you to set the icon in system tray status.
To get detailed help for the icon-in-tray command, run the following command:
rdpguard-cli /ui icon-in-tray
The following output will be displayed:
To set the icon in system tray status, please use the following syntax:
rdpguard-cli /ui icon-in-tray set on|off
on|off - on to show icon in system tray and off otherwise
To get the icon in system tray status, please use the following syntax:
rdpguard-cli /ui icon-in-tray get
For example, to set the icon in system tray status to on, run the following command:
rdpguard-cli /ui icon-in-tray set on
minimize-to-tray
The minimize-to-tray command allows you to set the minimize to system tray status.
To get detailed help for the minimize-to-tray command, run the following command:
rdpguard-cli /ui minimize-to-tray
The following output will be displayed:
To set the minimize to system tray status, please use the following syntax:
rdpguard-cli /ui minimize-to-tray set on|off
on|off - on to minimize to system tray and off otherwise
To get the minimize to system tray status, please use the following syntax:
rdpguard-cli /ui minimize-to-tray get
For example, to set the minimize to system tray status to on, run the following command:
rdpguard-cli /ui minimize-to-tray set on
close-to-tray
The close-to-tray command allows you to set the close to system tray status.
To get detailed help for the close-to-tray command, run the following command:
rdpguard-cli /ui close-to-tray
The following output will be displayed:
To set the close to system tray status, please use the following syntax:
rdpguard-cli /ui close-to-tray set on|off
on|off - on to close to system tray and off otherwise
To get the close to system tray status, please use the following syntax:
rdpguard-cli /ui close-to-tray get
For example, to set the close to system tray status to on, run the following command:
rdpguard-cli /ui close-to-tray set on
status-bar
The status-bar command allows you to set the show status bar status.
To get detailed help for the status-bar command, run the following command:
rdpguard-cli /ui status-bar
The following output will be displayed:
To set the show status bar status, please use the following syntax:
rdpguard-cli /ui status-bar set on|off
on|off - on to show status bar and off otherwise
To get the show status bar status, please use the following syntax:
rdpguard-cli /ui status-bar get
For example, to set the show status bar status to on, run the following command:
rdpguard-cli /ui status-bar set on
event-log
The event-log command allows you to set the show event log status.
To get detailed help for the event-log command, run the following command:
rdpguard-cli /ui event-log
The following output will be displayed:
To set the show event log status, please use the following syntax:
rdpguard-cli /ui event-log set on|off
on|off - on to show event log and off otherwise
To get the show event log status, please use the following syntax:
rdpguard-cli /ui event-log get
For example, to set the show event log status to on, run the following command:
rdpguard-cli /ui event-log set on
entries-per-page
The entries-per-page command allows you to set the IP addresses per page.
To get detailed help for the entries-per-page command, run the following command:
rdpguard-cli /ui entries-per-page
The following output will be displayed:
To set the IP addresses per page, please use the following syntax:
rdpguard-cli /ui entries-per-page set n
n - number of IP addresses per page
To get the IP addresses per page, please use the following syntax:
rdpguard-cli /ui entries-per-page get
For example, to set the IP addresses per page to 100, run the following command:
rdpguard-cli /ui entries-per-page set 100
color-theme
The color-theme command allows you to set the color theme.
To get detailed help for the color-theme command, run the following command:
rdpguard-cli /ui color-theme
The following output will be displayed:
To set color theme, please use the following syntax:
rdpguard-cli /ui color-theme set light|dark|system
light - light color theme
dark - dark color theme
system - system color theme
To get color theme, please use the following syntax:
rdpguard-cli /ui color-theme get
For example, to set the color theme to dark, run the following command:
rdpguard-cli /ui color-theme set dark
get
The get command allows you to get the current UI settings.
To get all UI settings, run the following command:
rdpguard-cli /ui get
The following output will be displayed:
icon-in-tray : on
minimize-to-tray : off
close-to-tray : off
status-bar : on
event-log : on
entries-per-page : 100
color-theme : System
set
The set command allows you to set multiple UI settings at once.
To set multiple UI settings at once, run the following command:
rdpguard-cli /ui set <setting=value>,<setting=value>,...
For example, to set the icon in system tray status to on and the show status bar status to off, run the following command:
rdpguard-cli /ui set icon-in-tray=on,status-bar=off
Please note that setting=value pairs are separated by comma and there are no spaces between them.
Proxy Object
The proxy object allows you to manage Proxy settings.
To get detailed help for the proxy object, run the following command:
rdpguard-cli /proxy
The following output will be displayed:
Available commands:
mode
address
port
authentication
username
password
domain
get
set
To get detailed help for an each command please use:
rdpguard-cli /proxy <command>
mode
The mode command allows you to set the proxy mode.
To get detailed help for the mode command, run the following command:
rdpguard-cli /proxy mode
The following output will be displayed:
To set the proxy mode, please use the following syntax:
rdpguard-cli /proxy mode set disabled|auto|manual
disabled - disable proxy
auto - use system proxy settings
manual - use manual proxy settings
To get the proxy mode, please use the following syntax:
rdpguard-cli /proxy mode get
For example, to set the proxy mode to manual, run the following command:
rdpguard-cli /proxy mode set manual
address
The address command allows you to set the proxy address.
To get detailed help for the address command, run the following command:
rdpguard-cli /proxy address
The following output will be displayed:
To set the proxy address, please use the following syntax:
rdpguard-cli /proxy address set <address>
<address> - the proxy address
To get the proxy address, please use the following syntax:
rdpguard-cli /proxy address get
For example, to set the proxy address to 192.168.2.200, run the following command:
rdpguard-cli /proxy address set 192.168.2.200
port
The port command allows you to set the proxy port.
To get detailed help for the port command, run the following command:
rdpguard-cli /proxy port
The following output will be displayed:
To set the proxy port, please use the following syntax:
rdpguard-cli /proxy port set <port>
<port> - the proxy port
To get the proxy port, please use the following syntax:
rdpguard-cli /proxy port get
For example, to set the proxy port to 8080, run the following command:
rdpguard-cli /proxy port set 8080
authentication
The authentication command allows you to set the proxy authentication.
To get detailed help for the authentication command, run the following command:
rdpguard-cli /proxy authentication
The following output will be displayed:
To set the proxy authentication, please use the following syntax:
rdpguard-cli /proxy authentication set on|off
on|off - on to enable proxy authentication and off otherwise
To get the proxy authentication, please use the following syntax:
rdpguard-cli /proxy authentication get
For example, to enable proxy authentication, run the following command:
rdpguard-cli /proxy authentication set on
username
The username command allows you to set the proxy username.
To get detailed help for the username command, run the following command:
rdpguard-cli /proxy username
The following output will be displayed:
To set the proxy username, please use the following syntax:
rdpguard-cli /proxy username set <username>
<username> - the proxy username
To get the proxy username, please use the following syntax:
rdpguard-cli /proxy username get
For example, to set the proxy username to user1, run the following command:
rdpguard-cli /proxy username set user1
password
The password command allows you to set the proxy password.
To get detailed help for the password command, run the following command:
rdpguard-cli /proxy password
The following output will be displayed:
To set the proxy password, please use the following syntax:
rdpguard-cli /proxy password set <password>
<password> - the proxy password
To get the proxy password, please use the following syntax:
rdpguard-cli /proxy password get
For example, to set the proxy password to uK&8pNUKK%QW$ih!f94n, run the following command:
rdpguard-cli /proxy password set "uK&8pNUKK%QW$ih!f94n"
Please note that the password should be enclosed in double quotes as it may contain special characters.
domain
The domain command allows you to set the proxy domain.
To get detailed help for the domain command, run the following command:
rdpguard-cli /proxy domain
The following output will be displayed:
To set the proxy domain, please use the following syntax:
rdpguard-cli /proxy domain set <domain>
<domain> - the proxy domain
To get the proxy domain, please use the following syntax:
rdpguard-cli /proxy domain get
For example, to set the proxy domain to domain1, run the following command:
rdpguard-cli /proxy domain set domain1
get
The get command allows you to get the current Proxy settings.
To get all Proxy settings, run the following command:
rdpguard-cli /proxy get
The following output will be displayed:
mode : disabled
address : 192.168.2.200
port : 8080
authentication: on
username : user1
password : uK&8pNUKK%QW$ih!f94n
domain :
set
The set command allows you to set multiple Proxy settings at once.
To set multiple Proxy settings at once, run the following command:
rdpguard-cli /proxy set <setting=value>,<setting=value>,...
For example, to set the proxy mode to manual and the proxy address to 192.168.3.100 run the following command:
rdpguard-cli /proxy set mode=manual,address=192.168.3.100
Please note that setting=value pairs are separated by comma and there are no spaces between them.
Log Object
The log object allows you to manage RdpGuard log settings.
To get detailed help for the log object, run the following command:
rdpguard-cli /log
The following output will be displayed:
Available commands:
verbosity
save-to-file
get
set
To get detailed help for an each command please use:
rdpguard-cli /log <command>
verbosity
The verbosity command allows you to set the log verbosity level.
To get detailed help for the verbosity command, run the following command:
rdpguard-cli /log verbosity
The following output will be displayed:
To set the log verbosity level, please use the following syntax:
rdpguard-cli /log verbosity set <verbosity>
<verbosity> - log verbosity level - verbose, brief, warningsanderrors
To get the log verbosity level, please use the following syntax:
rdpguard-cli /log verbosity get
For example, to set the log verbosity level to brief, run the following command:
rdpguard-cli /log verbosity set brief
save-to-file
The save-to-file command allows you to set the save log to file flag.
To get detailed help for the save-to-file command, run the following command:
rdpguard-cli /log save-to-file
The following output will be displayed:
To set the save log to file flag, please use the following syntax:
rdpguard-cli /log save-to-file set on|off
on|off - on to save log to file and off otherwise
To get the save log to file flag, please use the following syntax:
rdpguard-cli /log save-to-file get
For example, to enable save log to file flag, run the following command:
rdpguard-cli /log save-to-file set on
get
The get command allows you to get the current log settings.
To get all log settings, run the following command:
rdpguard-cli /log get
The following output will be displayed:
verbosity : brief
save-to-file : on
set
The set command allows you to set multiple log settings at once.
To set multiple log settings at once, run the following command:
rdpguard-cli /log set <setting=value>,<setting=value>,...
For example, to set the log verbosity level to verbose and the save log to file flag to off, run the following command:
rdpguard-cli /log set verbosity=verbose,save-to-file=off
Please note that setting=value pairs are separated by comma and there are no spaces between them.
Whitelist Object
The whitelist object allows you to manage RdpGuard Whitelist.
To get detailed help for the whitelist object, run the following command:
rdpguard-cli /whitelist
The following output will be displayed:
Available commands:
show
add
delete
import
export
To get detailed help for an each command please use:
rdpguard-cli /whitelist <command>
show
The show command allows you to show the Whitelist entries.
To get the Whitelist entries, run the following command:
rdpguard-cli /whitelist show
For example, the following output will be displayed:
IP Comment
192.168.0.0-192.168.0.255 local subnet
add
The add command allows you to add new Whitelist entries.
To get detailed help for the add command, run the following command:
rdpguard-cli /whitelist add
The following output will be displayed:
To add new entries, please use the following syntax:
rdpguard-cli /whitelist add <entries> [comment]
<entries> - IP address, range, or CIDR. Use comma to add multiple entries.
[comment] - an optional commen regarding the entry.
For example, to add the 192.168.0.0/24 subnet to the Whitelist with the comment "local subnet", run the following command:
rdpguard-cli /whitelist add 192.168.0.0/24 "local subnet"
delete
The delete command allows you to delete Whitelist entries.
To get detailed help for the delete command, run the following command:
rdpguard-cli /whitelist delete
The following output will be displayed:
To delete entries, please use the following syntax:
rdpguard-cli /whitelist delete <entries>
<entries> - IP address, range, or CIDR. Use comma to delete multiple entries.
For example, to delete the 1.2.3.4 IP address from the Whitelist, run the following command:
rdpguard-cli /whitelist delete 1.2.3.4
import
The import command allows you to import Whitelist entries.
To get detailed help for the import command, run the following command:
rdpguard-cli /whitelist import
The following output will be displayed:
To import entries, please use the following syntax:
rdpguard-cli /whitelist import <format> <file>
<format> - the format to import the entries from: json, xml, csv.
<file> - the file to import the entries from.
Please note that the existing entries will be replaced with the imported entries..
For example, to import the Whitelist entries from the whitelist.json file, run the following command:
rdpguard-cli /whitelist import json whitelist.json
export
The export command allows you to export Whitelist entries.
To get detailed help for the export command, run the following command:
rdpguard-cli /whitelist export
The following output will be displayed:
To export entries, please use the following syntax:
rdpguard-cli /whitelist export <format> <file>
<format> - the format to export the entries to: json, xml, csv.
<file> - the file to export the entries to.
For example, to export the Whitelist entries to the whitelist.json file, run the following command:
rdpguard-cli /whitelist export json whitelist.json
Blacklist Object
The blacklist object allows you to manage RdpGuard Blacklist.
To get detailed help for the blacklist object, run the following command:
rdpguard-cli /blacklist
The following output will be displayed:
Available commands:
show
add
delete
import
export
To get detailed help for an each command please use:
rdpguard-cli /blacklist <command>
show
The show command allows you to show the Blacklist entries.
To get the Blacklist entries, run the following command:
rdpguard-cli /blacklist show
For example, the following output will be displayed:
IP Comment
1.2.3.0-1.2.3.255 test subnet
add
The add command allows you to add new Blacklist entries.
To get detailed help for the add command, run the following command:
rdpguard-cli /blacklist add
The following output will be displayed:
To add new entries, please use the following syntax:
rdpguard-cli /blacklist add <entries> [comment]
<entries> - IP address, range, or CIDR. Use comma to add multiple entries.
[comment] - an optional commen regarding the entry.
For example, to add the 1.2.3.0/24 subnet to the Blacklist with the comment "test subnet", run the following command:
rdpguard-cli /blacklist add 1.2.3.0/24 "test subnet"
delete
The delete command allows you to delete Blacklist entries.
To get detailed help for the delete command, run the following command:
rdpguard-cli /blacklist delete
The following output will be displayed:
To delete entries, please use the following syntax:
rdpguard-cli /blacklist delete <entries>
<entries> - IP address, range, or CIDR. Use comma to delete multiple entries.
For example, to delete the 1.2.3.4 IP address from the Blacklist, run the following command:
rdpguard-cli /blacklist delete 1.2.3.4
import
The import command allows you to import Blacklist entries.
To get detailed help for the import command, run the following command:
rdpguard-cli /blacklist import
The following output will be displayed:
To import entries, please use the following syntax:
rdpguard-cli /blacklist import <format> <file>
<format> - the format to import the entries from: json, xml, csv.
<file> - the file to import the entries from.
For example, to import the Blacklist entries from the blacklist.json file, run the following command:
rdpguard-cli /blacklist import json blacklist.json
export
The export command allows you to export Blacklist entries.
To get detailed help for the export command, run the following command:
rdpguard-cli /blacklist export
The following output will be displayed:
To export entries, please use the following syntax:
rdpguard-cli /blacklist export <format> <file>
<format> - the format to export the entries to: json, xml, csv.
<file> - the file to export the entries to.
For example, to export the Blacklist entries to the blacklist.json file, run the following command:
rdpguard-cli /blacklist export json blacklist.json
IP Object
The ip object allows you to manage blocked IP addresses.
To get detailed help for the ip object, run the following command:
rdpguard-cli /ip
The following output will be displayed:
Available commands:
show
report
block
unblock
export
To get detailed help for an each command please use:
rdpguard-cli /ip <command>
show
The show command shows the blocked IP addresses.
To get the blocked IP addresses, run the following command:
rdpguard-cli /ip show
For example, the following output will be displayed:
2 blocked IP addresses found
[Address] [Block Date] [Unblock Date] [Protocol] [User]
1.2.3.4 6/5/2024 4:33:06 PM 6/6/2024 4:33:06 PM Test [Unknown]
5.6.7.8 6/5/2024 4:22:18 PM 6/6/2024 4:22:18 PM Test [Unknown]
report
The report command allows you to report one or more IP addresses.
To get detailed help for the report command, run the following command:
rdpguard-cli /ip report
The following output will be displayed:
To report an IP address, please use the following syntax:
rdpguard-cli /ip report <ip> <protocol> [user]
<ip> - IP address to report (comma separated addresses allowed)
<protocol> - protocol
[user] - optional user name
For example, to report the 10.11.12.13 IP address with the RDP protocol and the user name "testuser", run the following command:
rdpguard-cli /ip report 10.11.12.13 RDP testuser
block
The block command allows you to block one or more IP addresses.
To get detailed help for the block command, run the following command:
rdpguard-cli /ip block
The following output will be displayed:
To block an IP address, please use the following syntax:
rdpguard-cli /ip block <ip> <protocol> [user]
<ip> - IP address to block (comma separated addresses allowed)
<protocol> - protocol
[user] - optional user name
For example, to block the 10.10.10.10 IP address with the RDP protocol and the user name "testuser", run the following command:
rdpguard-cli /ip block 10.10.10.10 RDP testuser
unblock
The unblock command allows you to unblock one or more IP addresses.
To get detailed help for the unblock command, run the following command:
rdpguard-cli /ip unblock
The following output will be displayed:
To unblock an IP address, please use the following syntax:
rdpguard-cli /ip unblock <ip>
<ip> - IP address to unblock (comma separated addresses allowed),
use * to unblock all IP addresses
For example, to unblock the 10.10.10.10 IP address, run the following command:
rdpguard-cli /ip unblock 10.10.10.10
export
The export command allows you to export blocked IP addresses.
To get detailed help for the export command, run the following command:
rdpguard-cli /ip export
The following output will be displayed:
To export entries, please use the following syntax:
rdpguard-cli /ip export <format> <file>
<format> - the format to export the entries to: json, xml, csv.
<file> - the file to export the entries to.
For example, to export the blocked IP addresses to the blocked_ips.json file, run the following command:
rdpguard-cli /ip export json blocked_ips.json
Diagnostics Object
The diagnostics object allows you to get diagnostic information and send it to the RdpGuard support team.
To get detailed help for the diagnostics object, run the following command:
rdpguard-cli /diagnostics
The following output will be displayed:
Available commands:
get
send
version
To get detailed help for an each command please use:
rdpguard-cli /diagnostics <command>
get
The get command allows you to get diagnostic information.
To get diagnostic information, run the following command:
rdpguard-cli /diagnostics get
For example, the following output will be displayed:
System Information:
OS: Microsoft Windows 10 Pro (6.2.9200,,x64)
Framework Version: 4.0.30319.42000
Process Information:
BasePriority: 8
HasExited: False
Handle: 1036
HandleCount: 593
Id: 20456
MachineName: .
MainWindowHandle: 0
MainModule: rdpguard-svc.exe (9.6.8)
<skipped..>
The send command allows you to send diagnostic information to the RdpGuard support team.
To get detailed help for the send command, run the following command:
rdpguard-cli /diagnostics send
The following output will be displayed:
To send diagnostic report, please use the following syntax:
rdpguard-cli /diagnostics send <name> <email> <comment>
<name> - your name
<email> - your email address
<comment> - your comment
version
The version command allows you to get the RdpGuard version.
To get the RdpGuard version, run the following command:
rdpguard-cli /diagnostics version
For example, the following output will be displayed:
9.6.8
License Object
The license object allows you to manage RdpGuard license.
To get detailed help for the license object, run the following command:
rdpguard-cli /license
The following output will be displayed:
Available commands:
show
activate
deactivate
hwid
id
maintenance
To get detailed help for an each command please use:
rdgpguard-cli /license <command>
show
The show command allows you to show the license information.
To get the license information, run the following command:
rdpguard-cli /license show
For example, the following output will be displayed:
Registered version
Maintenance: 35 days remain
activate
The activate command allows you to activate your license key.
To get detailed help for the activate command, run the following command:
rdpguard-cli /license activate
The following output will be displayed:
To activate your license key, please use the following syntax:
rdgpguard-cli /license activate <license>
<license> - your license key (activation key)
For example, to activate your license key AAAA-BBBB-CCCC-DDDD-EEEE, run the following command:
rdpguard-cli /license activate AAAA-BBBB-CCCC-DDDD-EEEE
deactivate
The deactivate command allows you to deactivate your license key.
To get detailed help for the deactivate command, run the following command:
rdpguard-cli /license deactivate
The following output will be displayed:
Please wait, connecting activation server..
Your license has been successfully deactivated.
hwid
The hwid command allows you to get the hardware ID.
To get the hardware ID, run the following command:
rdpguard-cli /license hwid
For example, the following output will be displayed:
7c46f5ab67c86a44bf028aa31d608d66
id
The id command allows you to get the license ID.
To get the license ID, run the following command:
rdpguard-cli /license id
For example, the following output will be displayed:
45d077a221dcfcae9df52941d92c7048
maintenance
The maintenance command allows you to get the maintenance days.
To get the maintenance days, run the following command:
rdpguard-cli /license maintenance
For example, the following output will be displayed:
35
SMTP Servers Object
The smtp-servers object allows you to manage SMTP servers.
Smtp servers are used to send email notifications in Custom Actions
To get detailed help for the smtp-servers object, run the following command:
rdpguard-cli /smtp-servers
The following output will be displayed:
Available commands:
show
add
edit
delete
import
export
To get detailed help for an each command please use:
rdpguard-cli /smtp-servers <command>
show
The show command allows you to show the SMTP servers.
To get detailed help for the show command, run the following command:
rdpguard-cli /smtp-servers show
The following output will be displayed:
To show smtp servers, please use the following syntax:
rdpguard-cli /smtp-servers show <id>
<id> - smtp server id (* to show all)
For example, to show all SMTP servers, run the following command:
rdpguard-cli /smtp-servers show *
The following output will be displayed:
ID: 374598b8
Host: localhost
Port: 25
TLS: off
Username: test
Password: test
ID: 4cec9b6f
Host: email-smtp.us-east-1.amazonaws.com
Port: 587
TLS: on
Username: AKIAIOSFODNN7EXAMPLE
Password: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
add
The add command allows you to add a new SMTP server.
To get detailed help for the add command, run the following command:
rdpguard-cli /smtp-servers add
The following output will be displayed:
To add a new SMTP server, please use the following syntax:
rdgpguard-cli /smtp-servers add <host> <port> <tls> <username> <password>
<host> - SMTP server host
<port> - SMTP server port
<tls> - TLS enabled (on/off)
<username> - SMTP server username
<password> - SMTP server password
For example, to add the localhost SMTP server with the port 25, the TLS disabled, the username "test", and the password "test", run the following command:
rdpguard-cli /smtp-servers add localhost 25 off test test
edit
The edit command allows you to edit an existing SMTP server.
To get detailed help for the edit command, run the following command:
rdpguard-cli /smtp-servers edit
The following output will be displayed:
To edit an existing SMTP server, please use the following syntax:
rdpguard-cli /smtp-servers edit <id> <property>=<value>,<property>=<value>..
<id> - SMTP server id
<property> - SMTP server property to edit (host, port, tls, username, password)
For example, to edit the localhost SMTP server with the id 374598b8 and change the port to 2525, run the following command:
rdpguard-cli /smtp-servers edit 374598b8 port=2525
delete
The delete command allows you to delete an existing SMTP server.
To get detailed help for the delete command, run the following command:
rdpguard-cli /smtp-servers delete
The following output will be displayed:
To delete an existing SMTP server, please use the following syntax:
rdpguard-cli /smtp-servers delete <id>
<id> - SMTP server id (* to delete all servers)
For example, to delete the localhost SMTP server with the id 374598b8, run the following command:
rdpguard-cli /smtp-servers delete 374598b8
import
The import command allows you to import SMTP servers.
To get detailed help for the import command, run the following command:
rdpguard-cli /smtp-servers import
The following output will be displayed:
To import entries, please use the following syntax:
rdpguard-cli /smtp-servers import <format> <file>
<format> - the format to import the entries from: json, xml, csv.
<file> - the file to import the entries from.
Please note that the existing entries will be replaced with the imported entries.
For example, to import the SMTP servers from the smtp_servers.json file, run the following command:
rdpguard-cli /smtp-servers import json smtp_servers.json
export
The export command allows you to export SMTP servers.
To get detailed help for the export command, run the following command:
rdpguard-cli /smtp-servers export
The following output will be displayed:
To export entries, please use the following syntax:
rdpguard-cli /smtp-servers export <format> <file>
<format> - the format to export the entries to: json, xml, csv.
<file> - the file to export the entries to.
For example, to export the SMTP servers to the smtp_servers.json file, run the following command:
rdpguard-cli /smtp-servers export json smtp_servers.json
Custom Actions Object
The custom-actions object allows you to manage Custom Actions.
Custom actions are used to perform specific tasks when certain events occur in RdpGuard.
To get detailed help for the custom-actions object, run the following command:
rdpguard-cli /custom-actions
The following output will be displayed:
Available commands:
show
add
edit
delete
import
export
To get detailed help for an each command please use:
rdpguard-cli /custom-actions <command>
show
The show command shows the custom actions.
To get detailed help for the show command, run the following command:
rdpguard-cli /custom-actions show
The following output will be displayed:
To show custom actions, please use the following syntax:
rdpguard-cli /custom-actions show <id>
<id> - custom action id (* to show all)
For example, to show all custom actions, run the following command:
rdpguard-cli /custom-actions show *
The following output will be displayed:
ID: e40bcdba
Enabled: True
Event:
Type: IPBlocked
Settings:
Task:
Type: SendMailTask
ServerId: 4cec9b6f
From: noreply@mydomain.com
To: example@mydomain.com
Subject: RdpGuard blocked %IP%
Body: IP: %IP%
User: %USER%
Block Date: %BLOCK_DATE%
Unblock Date: %UNBLOCK_DATE%
Protocol: %PROTOCOL%
Host: %HOSTNAME%
Total IP addresses currently blocked: %TOTAL_IP_BLOCKED%
ID: 83fb8dad
Enabled: False
Event:
Type: NewVersionAvailable
Settings:
Task:
Type: HttpPostTask
Endpoint: https://mydomain.com/rdpguard-notifications-endpoint.aspx
BasicAuth: False
Username:
Password:
Body: {
"NewVersionAvailable": {
"Version": "%NEW_VERSION_NUMBER%",
"Link": "%NEW_VERSION_LINK%",
"Host": "%HOSTNAME%"
}
}
add
The add command allows you to add a new custom action.
To get detailed help for the add command, run the following command:
rdpguard-cli /custom-actions add
The following output will be displayed:
To add a new custom action, please use the following syntax:
rdpguard-cli /custom-actions add <event> <task> <details>
<event> - IPBlocked, IPUnblocked, UserLoggedIn, NewVersionAvailable,
MaintenanceIsAboutToExpire, MaintenanceExpired
<task> - SendMailTask, HttpPostTask, ProgramExecuteTask,
AbuseIPDBReportTask, SendTelegramTask
<details> - task-specific details as comma-separated key=value pairs:
Common properties for all tasks - enabled, event, task
SendMailTask - server-id, from, to, subject, body
HttpPostTask - endpoint, basic-auth, username, password, body
ProgramExecuteTask - path, args
AbuseIPDBReportTask - api-key
SendTelegramTask - bot-token, chat-id, message
For example, to add a new custom action that sends an email notification when an IP address is blocked, run the following command:
rdpguard-cli /custom-actions add IPBlocked SendMailTask "server-id=4cec9b6f,from=test@domain.com,to=me@domain.com,subject=%IP% Blocked,body=IP: %IP%\r\nUser: %USER%"
Please note that details must be enclosed in double quotes if they contain spaces.
edit
The edit command allows you to edit an existing custom action.
To get detailed help for the edit command, run the following command:
rdpguard-cli /custom-actions edit
The following output will be displayed:
To edit an existing custom action, please use the following syntax:
rdpguard-cli /custom-actions edit <id> <details>
<id> - custom action id
<details> - task-specific details as comma-separated key=value pairs:
Common properties for all tasks - enabled, event, task
SendMailTask - server-id, from, to, subject, body
HttpPostTask - endpoint, basic-auth, username, password, body
ProgramExecuteTask - path, args
AbuseIPDBReportTask - api-key
SendTelegramTask - bot-token, chat-id, message
For example, to edit the custom action with the id e40bcdba and change the email subject, run the following command:
rdpguard-cli /custom-actions edit e40bcdba subject="RdpGuard blocked %IP% on %HOSTNAME%"
delete
The delete command allows you to delete an existing custom action.
To get detailed help for the delete command, run the following command:
rdpguard-cli /custom-actions delete
The following output will be displayed:
To delete an existing custom action, please use the following syntax:
rdpguard-cli /custom-actions delete <id>
<id> - custom action id (* to delete all actions)
For example, to delete the custom action with the id e40bcdba, run the following command:
rdpguard-cli /custom-actions delete e40bcdba
import
The import command allows you to import custom actions.
To get detailed help for the import command, run the following command:
rdpguard-cli /custom-actions import
The following output will be displayed:
To import entries, please use the following syntax:
rdpguard-cli /custom-actions import <format> <file>
<format> - the format to import the entries from: json, xml.
<file> - the file to import the entries from.
Please note that the existing entries will be replaced with the imported entries.
For example, to import the custom actions from the custom_actions.json file, run the following command:
rdpguard-cli /custom-actions import json custom_actions.json
export
The export command allows you to export custom actions.
To get detailed help for the export command, run the following command:
rdpguard-cli /custom-actions export
The following output will be displayed:
To export entries, please use the following syntax:
rdpguard-cli /custom-actions export <format> <file>
<format> - the format to export the entries to: json, xml.
<file> - the file to export the entries to.
For example, to export the custom actions to the custom_actions.json file, run the following command:
rdpguard-cli /custom-actions export json custom_actions.json
Pcap Object
The pcap object allows you to manage network adapters for packet capturing.
To get detailed help for the pcap object, run the following command:
rdpguard-cli /pcap
The following output will be displayed:
Available commands:
status
adapters
adapters-all
To get detailed help for an each command please use:
rdpguard-cli /pcap <command>
status
The status command allows you to get the pcap status.
To get the pcap status, run the following command:
rdpguard-cli /pcap status
For example, the following output will be displayed:
installed
adapters
The adapters command allows you to get the pcap network adapters.
The command returns the network adapters that are most likely to be used for packet capturing,
i.e. the adapters that are not loopback and are up, running, and connected.
To get the pcap network adapters, run the following command:
rdpguard-cli /pcap adapters
For example, the following output will be displayed:
Id: rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
Name: Network adapter 'OpenVPN Data Channel Offload' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{fb296561-b160-4977-9520-50122bb8cfa3}
Name: Network adapter 'Realtek PCIe GBE Family Controller' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{a3c5d9fa-16a7-4f9e-a95f-a27b84e2931f}
Name: Network adapter 'sing-tun Tunnel' on local host
Attributes: up, running, connected
adapters-all
The adapters-all command allows you to get all pcap network adapters.
To get all pcap network adapters, run the following command:
rdpguard-cli /pcap adapters-all
For example, the following output will be displayed:
Id: rpcap://\Device\NPF_{a00eb421-ed32-4791-b3ca-ffba833127d8}
Name: Network adapter 'WAN Miniport (Network Monitor)' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{cb4e717d-d8a1-4392-bd7d-007e7ce5cd2b}
Name: Network adapter 'WAN Miniport (IPv6)' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{cb55bd7f-ca82-4e82-b9cf-8cb7cb1db0a9}
Name: Network adapter 'WAN Miniport (IP)' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
Name: Network adapter 'OpenVPN Data Channel Offload' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{f5b8a8af-4770-4d45-991c-1802d0431c1b}
Name: Network adapter 'VirtualBox Host-Only Ethernet Adapter' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{fb296561-b160-4977-9520-50122bb8cfa3}
Name: Network adapter 'Realtek PCIe GBE Family Controller' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_{a3c5d9fa-16a7-4f9e-a95f-a27b84e2931f}
Name: Network adapter 'sing-tun Tunnel' on local host
Attributes: up, running, connected
Id: rpcap://\Device\NPF_Loopback
Name: Network adapter 'Adapter for loopback traffic capture' on local host
Attributes: loopback, up, running, connected, disconnected, not applicable
Id: rpcap://\Device\NPF_{f591d1c3-893d-4d83-8c7c-e7ad2adde977}
Name: Network adapter 'TAP-Windows Adapter V9' on local host
Attributes: up, running, disconnected
Rdp Object
The rdp object allows you to manage RDP protection settings.
To get detailed help for the rdp object, run the following command:
rdpguard-cli /rdp
The following output will be displayed:
Available commands:
enabled
traffic-monitoring
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
exclusions
get
set
To get detailed help for an each command please use:
rdpguard-cli /rdp <command>
enabled
The enabled command allows you to enable or disable the RDP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /rdp enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /rdp enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /rdp enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the RDP protection engine, run the following command:
rdpguard-cli /rdp enabled set on
traffic-monitoring
The traffic-monitoring command allows you to enable or disable RDP traffic monitoring.
To get detailed help for the traffic-monitoring command, run the following command:
rdpguard-cli /rdp traffic-monitoring
The following output will be displayed:
To set the engine traffic monitoring, please use the following syntax:
rdpguard-cli /rdp traffic-monitoring set <on|off>
<on|off> - on to enable traffic monitoring and off otherwise
RDP TRAFFIC MONITORING IS USUALLY NOT NEEDED ON WINDOWS SERVER 2012 AND HIGHER
To get the engine traffic monitoring, please use the following syntax:
rdpguard-cli /rdp traffic-monitoring get
RdpGuard Service restart is required for these changes to take effect
For example, to enable RDP traffic monitoring, run the following command:
rdpguard-cli /rdp traffic-monitoring set on
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the RDP traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /rdp traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /rdp traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /rdp traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the RDP traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /rdp traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /rdp raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /rdp raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /rdp raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to 192.168.1.37 and 127.0.0.1, run the following command:
rdpguard-cli /rdp raw-sockets-addresses set 192.168.1.37,127.0.0.1
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /rdp pcap-adapter
The following output will be displayed:
To set the winpcap adapter for monitoring, please use the following syntax:
rdpguard-cli /rdp pcap-adapter set <adapter-id>
<adapter-id> - winpcap adapter id (use the /pcap adapters to get one)
To get the winpcap adapter for monitoring, please use the following syntax:
rdpguard-cli /rdp pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring to rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}, run the following command:
rdpguard-cli /rdp pcap-adapter set rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /rdp ports
The following output will be displayed:
To set the monitored ports, please use the following syntax:
rdpguard-cli /rdp ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports, please use the following syntax:
rdpguard-cli /rdp ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 3389, run the following command:
rdpguard-cli /rdp ports set 3389
exclusions
The exclusions command allows you to set the RDP engine exclusions.
To get detailed help for the exclusions command, run the following command:
rdpguard-cli /rdp exclusions
The following output will be displayed:
To set the engine exclusions, please use the following syntax:
rdpguard-cli /rdp exclusions set <exclusions>
<exclusions> - comma separated list of IP addresses or CIDR ranges
To get the engine exclusions, please use the following syntax:
rdpguard-cli /rdp exclusions get
RdpGuard Service restart is required for these changes to take effect
For example, to set the RDP engine exclusions to exclude logon attempts with the LogonType 4
and the TargetUserName starting with test, run the following command:
rdpguard-cli /rdp exclusions set "LogonType=4 OR TargetUserName=test*"
Please note that exclusions must be enclosed in double quotes if they contain spaces.
get
The get command allows you to get the RDP protection settings.
To get the RDP protection settings, run the following command:
rdpguard-cli /rdp get
For example, the following output will be displayed:
enabled : on
traffic-monitoring : off
traffic-monitoring-method: winpcap
raw-sockets-addresses : *
pcap-adapter : rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports : 3389
exclusions : LogonType=4 OR TargetUserName=test*
set
The set command allows you to set the RDP protection settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /rdp set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /rdp set <setting=value>,<setting=value>,..
For example, to set the RDP protection settings in bulk, run the following command:
rdpguard-cli /rdp set enabled=on,traffic-monitoring=off
Ftp Object
The ftp object allows you to manage FTP protection settings.
To get detailed help for the ftp object, run the following command:
rdpguard-cli /ftp
The following output will be displayed:
Available commands:
enabled
monitoring-method
server
logs
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /ftp <command>
enabled
The enabled command allows you to enable or disable the FTP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /ftp enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /ftp enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /ftp enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the FTP protection engine, run the following command:
rdpguard-cli /ftp enabled set on
monitoring-method
The monitoring-method command allows you to set the engine monitoring method.
To get detailed help for the monitoring-method command, run the following command:
rdpguard-cli /ftp monitoring-method
The following output will be displayed:
To set the engine monitoring method, please use the following syntax:
rdpguard-cli /ftp monitoring-method set <method>
<method> - engine monitoring method: logs, traffic
To get the engine monitoring method, please use the following syntax:
rdpguard-cli /ftp monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitoring method to logs, run the following command:
rdpguard-cli /ftp monitoring-method set logs
server
The server command allows you to set the FTP server type.
The server must be set if you want to use the logs monitoring method.
To get detailed help for the server command, run the following command:
rdpguard-cli /ftp server
The following output will be displayed:
To set the FTP server type, please use the following syntax:
rdpguard-cli /ftp server set <server-type>
<server-type> - FTP server type:
iis : Microsoft IIS
filezilla : FileZilla
axigen : Axigen Mail Server (FTP-BACKUP)
solarwinds: SolarWinds SFTP/SCP
serv-u : Serv-U
To get the FTP server type, please use the following syntax:
rdpguard-cli /ftp server get
RdpGuard Service restart is required for these changes to take effect
For example, to set the FTP server type to Microsoft IIS, run the following command:
rdpguard-cli /ftp server set iis
logs
The logs command allows you to set the the engine monitored logs.
The logs must be set if you want to use the logs monitoring method.
To get detailed help for the logs command, run the following command:
rdpguard-cli /ftp logs
The following output will be displayed:
To set the the engine monitored logs, please use the following syntax:
rdpguard-cli /ftp logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs, please use the following syntax:
rdpguard-cli /ftp logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\Temp\iis\ftp-1 and C:\Temp\iis\ftp-2, run the following command:
rdpguard-cli /ftp logs set C:\Temp\iis\ftp-1,C:\Temp\iis\ftp-2
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /ftp traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /ftp traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /ftp traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /ftp traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /ftp raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /ftp raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /ftp raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /ftp raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /ftp pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /ftp pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /ftp pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}, run the following command:
rdpguard-cli /ftp pcap-adapter set rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /ftp ports
The following output will be displayed:
To set the monitored ports, please use the following syntax:
rdpguard-cli /ftp ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports, please use the following syntax:
rdpguard-cli /ftp ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 21, run the following command:
rdpguard-cli /ftp ports set 21
get
The get command allows you to get the current FTP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /ftp get
The following output will be displayed:
enabled : on
monitoring-method : logs
server : Microsoft IIS
logs : C:\Temp\iis\ftp-1,C:\Temp\iis\ftp-2
traffic-monitoring-method: rawsockets
raw-sockets-addresses : *
pcap-adapter : rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
ports : 21
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /ftp set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /ftp set <setting=value>,<setting=value>,..
HTTP Object
The http object allows you to manage HTTP protection settings.
To get detailed help for the http object, run the following command:
rdpguard-cli /http
The following output will be displayed:
Available commands:
enabled
logs
rules
use-x-forwarded-for-field
get
set
To get detailed help for an each command please use:
rdpguard-cli /http <command>
enabled
The enabled command allows you to enable or disable the
HTTP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /http enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /http enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /http enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the HTTP protection engine, run the following command:
rdpguard-cli /http enabled set on
logs
The logs command allows you to set the engine monitored logs.
To get detailed help for the logs command, run the following command:
rdpguard-cli /http logs
The following output will be displayed:
To set the engine monitored logs, please use the following syntax:
rdpguard-cli /http logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs, please use the following syntax:
rdpguard-cli /http logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\inetpub\logs\LogFiles\W3SVC1
and C:\inetpub\logs\LogFiles\W3SVC2, run the following command:
rdpguard-cli /http logs set C:\inetpub\logs\LogFiles\W3SVC1,C:\inetpub\logs\LogFiles\W3SVC2
rules
The rules command allows you to set the detection rules for the HTTP protection engine.
To get detailed help for the rules command, run the following command:
rdpguard-cli /http rules
The following output will be displayed:
To set the detection rules, please use the following syntax:
rdpguard-cli /http rules set <rules>
<rules> - HTTP detection rules
To get the detection rules, please use the following syntax:
rdpguard-cli /http rules get
RdpGuard Service restart is required for these changes to take effect
For example, to set detection rules, run the following command:
rdpguard-cli /http rules set "Status=404,Threshold=15\r\nUri=*/.aws*\r\nUri=*/.env*\r\nUri=*/.git*\r\nUri=*/.hg/*\r\nUri=*/.svn*\r\nUri=*/.vscode*"
use-x-forwarded-for-field
The use-x-forwarded-for-field command allows you to set the Use X-Forwarded-For Field flag.
To get detailed help for the use-x-forwarded-for-field command, run the following command:
rdpguard-cli /rdweb use-x-forwarded-for-field
The following output will be displayed:
To set the Use X-Forwarded-For Field flag status, please use the following syntax:
rdpguard-cli /http use-x-forwarded-for-field set <on|off>
<on|off> - on to use the X-Forwarded-For header to read client IP address and off otherwise
DO NOT ENABLE THIS OPTION UNLESS YOU ARE HOSTING YOUR WEBSITE BEHIND A PROXY
To get the Use X-Forwarded-For Field flag status, please use the following syntax:
rdpguard-cli /http use-x-forwarded-for-field get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the Use X-Forwarded-For Field flag, run the following command:
rdpguard-cli /http use-x-forwarded-for-field set on
get
The get command allows you to get the current HTTP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /http get
The following output will be displayed:
enabled: off
logs : C:\inetpub\logs\LogFiles\W3SVC1,C:\inetpub\logs\LogFiles\W3SVC2
rules :
# This is comment, it starts with the # symbol
# Treat each 15 requests with HTTP status 404 as scan attempt
Status=404,Threshold=15
# secrets, environment variables, repository metadata scan
Uri=*/.aws*
Uri=*/.env*
Uri=*/.git*
Uri=*/.hg/*
Uri=*/.svn*
Uri=*/.vscode*
# scan for backups, uncomment if you do not host these archive types
#Uri=/*.bz2
#Uri=/*.tar.gz
#Uri=/*.tgz
#Uri=/*.7z
#Uri=/*.zip, Uri!=/download/*
#Uri=/*.rar
# scan for wordpress files, uncomment if necessary
#Uri=*/wp-content/*
#Uri=*/wp-admin/*
#Uri=*/wp-includes/*
#Uri=*/wp-json/*
#Uri=*/wp-config*
#Uri=*/wp-login.php*
use-x-forwarded-for-field : off
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /http set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /http set <setting=value>,<setting=value>,..
IMAP Object
The imap object allows you to manage IMAP protection settings.
To get detailed help for the imap object, run the following command:
rdpguard-cli /imap
The following output will be displayed:
Available commands:
enabled
monitoring-method
server
logs
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /imap <command>
enabled
The enabled command allows you to enable or disable the IMAP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /imap enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /imap enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /imap enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the IMAP protection engine, run the following command:
rdpguard-cli /imap enabled set on
monitoring-method
The monitoring-method command allows you to set the engine monitoring method.
To get detailed help for the monitoring-method command, run the following command:
rdpguard-cli /imap monitoring-method
The following output will be displayed:
To set the engine monitoring method, please use the following syntax:
rdpguard-cli /imap monitoring-method set <method>
<method> - engine monitoring method: logs, traffic
To get the engine monitoring method, please use the following syntax:
rdpguard-cli /imap monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitoring method to logs (recommended), run the following command:
rdpguard-cli /imap monitoring-method set logs
server
The server command allows you to set the IMAP server type.
The server must be set if you want to use the logs monitoring method.
To get detailed help for the server command, run the following command:
rdpguard-cli /imap server
The following output will be displayed:
To set the IMAP server type, please use the following syntax:
rdpguard-cli /imap server set <server-type>
<server-type> - IMAP server type:
mailenable : MailEnable
kerio : Kerio Connect
hmailserver: hMailServer
exchange : MS Exchange
axigen : Axigen Mail Server
mdaemon : MDaemon Email Server
smartermail: SmarterMail
To get the IMAP server type, please use the following syntax:
rdpguard-cli /imap server get
RdpGuard Service restart is required for these changes to take effect
For example, to set the IMAP server type to SmarterMail, run the following command:
rdpguard-cli /imap server set smartermail
logs
The logs command allows you to set the engine monitored logs.
The logs must be set if you want to use the logs monitoring method.
To get detailed help for the logs command, run the following command:
rdpguard-cli /imap logs
The following output will be displayed:
To set the the engine monitored logs, please use the following syntax:
rdpguard-cli /imap logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs, please use the following syntax:
rdpguard-cli /imap logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\Temp\smartermail, run the following command:
rdpguard-cli /imap logs set C:\Temp\smartermail
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /imap traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method, please use the following syntax:
rdpguard-cli
/imap traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /imap traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /imap traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /imap raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /imap raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /imap raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /imap raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /imap pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /imap pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /imap pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:
rdpguard-cli /imap pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /imap ports
The following output will be displayed:
To set the monitored ports, please use the following syntax:
rdpguard-cli /imap ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports, please use the following syntax:
rdpguard-cli /imap ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 143, run the following command:
rdpguard-cli /imap ports set 143
get
The get command allows you to get the current IMAP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /imap get
The following output will be displayed:
enabled : off
monitoring-method : logs
server : SmarterMail
logs : C:\Temp\smartermail
traffic-monitoring-method: rawsockets
raw-sockets-addresses : *
pcap-adapter : rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports : 143
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /imap set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /imap set <setting=value>,<setting=value>,..
POP3 Object
The pop3 object allows you to manage POP3 protection settings.
To get detailed help for the pop3 object, run the following command:
rdpguard-cli /pop3
The following output will be displayed:
Available commands:
enabled
monitoring-method
server
logs
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /pop3 <command>
enabled
The enabled command allows you to enable or disable the POP3 protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /pop3 enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /pop3 enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /pop3 enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the POP3 protection engine, run the following command:
rdpguard-cli /pop3 enabled set on
monitoring-method
The monitoring-method command allows you to set the engine monitoring method.
To get detailed help for the monitoring-method command, run the following command:
rdpguard-cli /pop3 monitoring-method
The following output will be displayed:
To set the engine monitoring method, please use the following syntax:
rdpguard-cli /pop3 monitoring-method set <method>
<method> - engine monitoring method: logs, traffic
To get the engine monitoring method, please use the following syntax:
rdpguard-cli /pop3 monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitoring method to logs (recommended), run the following command:
rdpguard-cli /pop3 monitoring-method set logs
server
The server command allows you to set the POP3 server type.
The server must be set if you want to use the logs monitoring method.
To get detailed help for the server command, run the following command:
rdpguard-cli /pop3 server
The following output will be displayed:
To set the POP3 server type, please use the following syntax:
rdpguard-cli /pop3 server set <server-type>
<server-type> - POP3 server type:
mailenable : MailEnable
kerio : Kerio Connect
hmailserver: hMailServer
exchange : MS Exchange
axigen : Axigen Mail Server
mdaemon : MDaemon Email Server
smartermail: SmarterMail
unknown : Unknown
To get the POP3 server type, please use the following syntax:
rdpguard-cli /pop3 server get
RdpGuard Service restart is required for these changes to take effect
For example, to set the POP3 server type to hMailServer, run the following command:
rdpguard-cli /pop3 server set hmailserver
logs
The logs command allows you to set the engine monitored logs.
The logs must be set if you want to use the logs monitoring method.
To get detailed help for the logs command, run the following command:
rdpguard-cli /pop3 logs
The following output will be displayed:
To set the the engine monitored logs, please use the following syntax:
rdpguard-cli /pop3 logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs, please use the following syntax:
rdpguard-cli /pop3 logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\Temp\hmailserver, run the following command:
rdpguard-cli /pop3 logs set C:\Temp\hmailserver
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To
get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /pop3 traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /pop3 traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /pop3 traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /pop3 traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /pop3 raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /pop3 raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /pop3 raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /pop3 raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /pop3 pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /pop3 pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /pop3 pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:
rdpguard-cli /pop3 pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /pop3 ports
The following output will be displayed:
To set the monitored ports, please use the following syntax:
rdpguard-cli /pop3 ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports, please use the following syntax:
rdpguard-cli /pop3 ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 110, run the following command:
rdpguard-cli /pop3 ports set 110
get
The get command allows you to get the current POP3 protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /pop3 get
The following output will be displayed:
enabled : off
monitoring-method : logs
server : hMailServer
logs : c:\Temp\hmailserver
traffic-monitoring-method: rawsockets
raw-sockets-addresses : *
pcap-adapter :
ports : 110
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /pop3 set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /pop3 set <setting=value>,<setting=value>,..
SMTP Object
The smtp object allows you to manage SMTP protection settings.
To get detailed help for the smtp object, run the following command:
rdpguard-cli /smtp
The following output will be displayed:
Available commands:
enabled
monitoring-method
server
logs
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
advanced-settings
To get detailed help for an each command please use:
rdpguard-cli /smtp <command>
enabled
The enabled command allows you to enable or disable the SMTP protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /smtp enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /smtp enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /smtp enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the SMTP protection engine, run the following command:
rdpguard-cli /smtp enabled set on
monitoring-method
The monitoring-method command allows you to set the engine monitoring method.
To get detailed help for the monitoring-method command, run the following command:
rdpguard-cli /smtp monitoring-method
The following output will be displayed:
To set the engine monitoring method, please use the following syntax:
rdpguard-cli /smtp monitoring-method set <method>
<method> - engine monitoring method: logs, traffic
To get the engine monitoring method, please use the following syntax:
rdpguard-cli /smtp monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitoring method to logs (recommended), run the following command:
rdpguard-cli /smtp monitoring-method set logs
server
The server command allows you to set the SMTP server type.
The server must be set if you want to use the logs monitoring method.
To get detailed help for the server command, run the following command:
rdpguard-cli /smtp server
The following output will be displayed:
To set the SMTP server type, please use the following syntax:
rdpguard-cli /smtp server set <server-type>
<server-type> - SMTP server type:
mailenable : MailEnable
kerio : Kerio Connect
hmailserver: hMailServer
exchange : MS Exchange
domino : IBM Domino
axigen : Axigen Mail Server
mdaemon : MDaemon Email Server
smartermail: SmarterMail
To get the SMTP server type, please use the following syntax:
rdpguard-cli /smtp server get
RdpGuard Service restart is required for these changes to take effect
For example, to set the SMTP server type to hMailServer, run the following command:
rdpguard-cli /smtp server set hmailserver
logs
The logs command allows you to set the engine monitored logs.
The logs must be set if you want to use the logs monitoring method.
To get detailed help for the logs command, run the following command:
rdpguard-cli /smtp logs
The following output will be displayed:
To set the the engine monitored logs, please use the following syntax:
rdpguard-cli /smtp logs set <location>
<location> - one or more comma-separated log locations
To get the engine monitored logs, please use the following syntax:
rdpguard-cli /smtp logs get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine monitored logs to C:\Temp\hmailserver, run the following command:
rdpguard-cli /smtp logs set C:\Temp\hmailserver
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /smtp traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /smtp traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /smtp traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /smtp traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /smtp raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /smtp raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /smtp raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /smtp raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /smtp pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /smtp pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /smtp pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:
rdpguard-cli /smtp pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /smtp ports
The following output will be displayed:
To set the monitored ports, please use the following syntax:
rdpguard-cli /smtp ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports, please use the following syntax:
rdpguard-cli /smtp ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 25, run the following command:
rdpguard-cli /smtp ports set 25
get
The get command allows you to get the current SMTP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /smtp get
The following output will be displayed:
enabled : on
monitoring-method : logs
server : hMailServer
logs : C:\Temp\hmailserver
traffic-monitoring-method: rawsockets
raw-sockets-addresses : *
pcap-adapter :
ports : 25
advanced-settings : failed-web-admin,failed-web-mail,username-enum,relay-attempts,spam-attacks,dns-blacklisted,no-reverse-dns
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /smtp set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /smtp set <setting=value>,<setting=value>,..
advanced-settings
The advanced-settings command allows you to set advanced SMTP protection settings.
To get detailed help for the advanced-settings command, run the following command:
rdpguard-cli /smtp advanced-settings
The following output will be displayed:
To set advanced SMTP protection settings, please use the following syntax:
rdpguard-cli /smtp advanced-settings set <settings>
<settings> - comma-separated list of advanced settings:
failed-web-admin : Failed web admin logins
failed-web-mail : Failed web mail logins
username-enum : Username enumeration attempts
relay-attempts : Relay attempts
spam-attacks : Spam attacks
dns-blacklisted : DNS blacklisted IPs
no-reverse-dns : No reverse DNS entries
To get the advanced SMTP protection settings, please use the following syntax:
rdpguard-cli /smtp advanced-settings get
RdpGuard Service restart is required for these changes to take effect
For example, to set the advanced settings to monitor failed web admin logins and spam attacks, run the following command:
rdpguard-cli /smtp advanced-settings set failed-web-admin,spam-attacks
MySQL Object
The mysql object allows you to manage MySQL protection settings.
To get detailed help for the mysql object, run the following command:
rdpguard-cli /mysql
The following output will be displayed:
Available commands:
enabled
log-type
config-location
general-log-location
get
set
To get detailed help for an each command please use:
rdpguard-cli /mysql <command>
enabled
The enabled command allows you to enable or disable the MySQL protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /mysql enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /mysql enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /mysql enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the MySQL protection engine, run the following command:
rdpguard-cli /mysql enabled set on
log-type
The log-type command allows you to set the MySQL log type.
To get detailed help for the log-type command, run the following command:
rdpguard-cli /mysql log-type
The following output will be displayed:
To set the MySQL log type, please use the following syntax:
rdpguard-cli /mysql log-type set <log-type>
<log-type> - application, general
To get the MySQL log type, please use the following syntax:
rdpguard-cli /mysql log-type get
RdpGuard Service restart is required for these changes to take effect
For example, to set the MySQL log type to application, run the following command:
rdpguard-cli /mysql log-type set application
config-location
The config-location command allows you to set the MySQL config location.
To get detailed help for the config-location command, run the following command:
rdpguard-cli /mysql config-location
The following output will be displayed:
To set the MySQL config location, please use the following syntax:
rdpguard-cli /mysql config-location set <location>
<location> - the location of MySQL configuration file
specify "auto" to automatically detect the location
To get the MySQL config location, please use the following syntax:
rdpguard-cli /mysql config-location get
RdpGuard Service restart is required for these changes to take effect
For example, to set the MySQL config location to C:\MySql, run the following command:
rdpguard-cli /mysql config-location set C:\MySql
general-log-location
The general-log-location command allows you to set the MySQL general log file location.
To get detailed help for the general-log-location command, run the following command:
rdpguard-cli /mysql general-log-location
The following output will be displayed:
To set the MySQL general log file location, please use the following syntax:
rdpguard-cli /mysql general-log-location set <location>
<location> - the location of MySQL general log file
specify "auto" to automatically detect the location
To get the MySQL general log file location, please use the following syntax:
rdpguard-cli /mysql general-log-location get
RdpGuard Service restart is required for these changes to take effect
For example, to set the MySQL general log file location to auto, run the following command:
rdpguard-cli /mysql general-log-location set auto
get
The get command allows you to get the current MySQL protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /mysql get
The following output will be displayed:
enabled : off
log-type : Application
config-location : C:\Temp
general-log-location: auto
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /mysql set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /mysql set <setting=value>,<setting=value>,..
MSSQL Object
The mssql object allows you to manage MSSQL protection settings.
To get detailed help for the mssql object, run the following command:
rdpguard-cli /mssql
The following output will be displayed:
Available commands:
enabled
events
18456-exclusions
get
set
To get detailed help for an each command please use:
rdpguard-cli /mssql <command>
enabled
The enabled command allows you to enable or disable the MSSQL protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /mssql enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /mssql enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /mssql enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the MSSQL protection engine, run the following command:
rdpguard-cli /mssql enabled set on
events
The events command allows you to set the events to monitor.
To get detailed help for the events command, run the following command:
rdpguard-cli /mssql events
The following output will be displayed:
To set the events to monitor, please use the following syntax:
rdpguard-cli /mssql events set <ids>
<ids> - comma-separated list of event IDs to monitor
supported IDs are: 18456, 17832, 17836
To get the events to monitor, please use the following syntax:
rdpguard-cli /mssql events get
RdpGuard Service restart is required for these changes to take effect
For example, to set the events to monitor to 18456, 17832, and 17836, run the following command:
rdpguard-cli /mssql events set 18456,17832,17836
18456-exclusions
The 18456-exclusions command allows you to set the exclusions for event ID 18456.
To get detailed help for the 18456-exclusions command, run the following command:
rdpguard-cli /mssql 18456-exclusions
The following output will be displayed:
To set the exclusions for event ID 18456, please use the following syntax:
rdpguard-cli /mssql 18456-exclusions set <exclusions>
<exclusions> - comma-separated list of exclusions for event ID 18456
event is skipped if the Reason field contains any of the exclusion patterns
To get the exclusions for event ID 18456, please use the following syntax:
rdpguard-cli /mssql 18456-exclusions get
RdpGuard Service restart is required for these changes to take effect
For example, to set the exclusions for event ID 18456, run the following command:
rdpguard-cli /mssql 18456-exclusions set exclusion1,exclusion2
get
The get command allows you to get the current MSSQL protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /mssql get
The following output will be displayed:
enabled : off
events : 18456,17832,17836
18456-exclusions:
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /mssql set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /mssql set <setting=value>,<setting=value>,..
SIP Object
The sip object allows you to manage SIP protection settings.
To get detailed help for the sip object, run the following command:
rdpguard-cli /sip
The following output will be displayed:
Available commands:
enabled
traffic-monitoring-method
raw-sockets-addresses
pcap-adapter
ports
get
set
To get detailed help for an each command please use:
rdpguard-cli /sip <command>
enabled
The enabled command allows you to enable or disable the
SIP protection
engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /sip enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /sip enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /sip enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the SIP protection engine, run the following command:
rdpguard-cli /sip enabled set on
traffic-monitoring-method
The traffic-monitoring-method command allows you to set the engine traffic monitoring method.
To get detailed help for the traffic-monitoring-method command, run the following command:
rdpguard-cli /sip traffic-monitoring-method
The following output will be displayed:
To set the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /sip traffic-monitoring-method set <method>
<method> - engine traffic monitoring method: winpcap, rawsockets
To get the engine traffic monitoring method, please use the following syntax:
rdpguard-cli /sip traffic-monitoring-method get
RdpGuard Service restart is required for these changes to take effect
For example, to set the engine traffic monitoring method to WinPcap, run the following command:
rdpguard-cli /sip traffic-monitoring-method set winpcap
raw-sockets-addresses
The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.
The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.
To get detailed help for the raw-sockets-addresses command, run the following command:
rdpguard-cli /sip raw-sockets-addresses
The following output will be displayed:
To set the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /sip raw-sockets-addresses set <addresses>
<addresses> - comma-separated list of addresses (* - all addresses)
To get the monitored raw sockets addresses, please use the following syntax:
rdpguard-cli /sip raw-sockets-addresses get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored raw sockets addresses to all addresses, run the following command:
rdpguard-cli /sip raw-sockets-addresses set *
pcap-adapter
The pcap-adapter command allows you to set the WinPcap adapter for monitoring.
Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.
To get detailed help for the pcap-adapter command, run the following command:
rdpguard-cli /sip pcap-adapter
The following output will be displayed:
To set the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /sip pcap-adapter set <adapter-id>
<adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)
To get the WinPcap adapter for monitoring, please use the following syntax:
rdpguard-cli /sip pcap-adapter get
RdpGuard Service restart is required for these changes to take effect
For example, to set the WinPcap adapter for monitoring
to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:
rdpguard-cli /sip pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports
The ports command allows you to set the monitored ports.
To get detailed help for the ports command, run the following command:
rdpguard-cli /sip ports
The following output will be displayed:
To set the monitored ports, please use the following syntax:
rdpguard-cli /sip ports set <ports>
<ports> - one or multiple ports, comma-separated
To get the monitored ports, please use the following syntax:
rdpguard-cli /sip ports get
RdpGuard Service restart is required for these changes to take effect
For example, to set the monitored ports to 5060, run the following command:
rdpguard-cli /sip ports set 5060
get
The get command allows you to get the current SIP protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /sip get
The following output will be displayed:
enabled : off
traffic-monitoring-method: winpcap
raw-sockets-addresses : *
pcap-adapter : rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports : 5060
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /sip set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /sip set <setting=value>,<setting=value>,..
The webforms object allows you to manage ASP.NET web forms protection settings.
To get detailed help for the webforms object, run the following command:
rdpguard-cli /webforms
The following output will be displayed:
Available commands:
enabled
rules
get
set
To get detailed help for an each command please use:
rdpguard-cli /webforms <command>
The enabled command allows you to enable or disable the ASP.NET web forms protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /webforms enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /webforms enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /webforms enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the WebForms protection engine, run the following command:
rdpguard-cli /webforms enabled set on
The rules command allows you to set the detection rules.
To get detailed help for the rules command, run the following command:
rdpguard-cli /webforms rules
The following output will be displayed:
To set the detection rules, please use the following syntax:
rdpguard-cli /webforms rules set <rules>
<rules> - webforms detection rules
To get the detection rules, please use the following syntax:
rdpguard-cli /webforms rules get
RdpGuard Service restart is required for these changes to take effect
For example, to set the detection rules, run the following command:
rdpguard-cli /webforms rules set EventData1=3003,EventData18=HttpRequestValidationException\r\nEventData1=3005,EventData18=HttpException,EventData19=*ValidateInputIfRequiredByConfig*
Please note, new line characters \r\n are used to separate the rules.
The get command allows you to get the current WebForms protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /webforms get
The following output will be displayed:
enabled: off
rules :
EventData1=3003,EventData18=HttpRequestValidationException
EventData1=3005,EventData18=HttpException,EventData19=*ValidateInputIfRequiredByConfig*
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /webforms set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /webforms set <setting=value>,<setting=value>,..
RDWeb Object
The rdweb object allows you to manage RDWeb protection settings.
To get detailed help for the rdweb object, run the following command:
rdpguard-cli /rdweb
The following output will be displayed:
Available commands:
enabled
log-location
use-x-forwarded-for-field
get
set
To get detailed help for an each command please use:
rdpguard-cli /rdweb <command>
enabled
The enabled command allows you to enable or disable the RDWeb protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /rdweb enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /rdweb enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /rdweb enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the RDWeb protection engine, run the following command:
rdpguard-cli /rdweb enabled set on
log-location
The log-location command allows you to set the IIS log files location for RDWeb.
To get detailed help for the log-location command, run the following command:
rdpguard-cli /rdweb log-location
The following output will be displayed:
To set the IIS log files location, please use the following syntax:
rdpguard-cli /rdweb log-location set <location>
<location> - the location of RD Web Access website log files
use 'auto' to automatically discover the log files location
To get the IIS log files location, please use the following syntax:
rdpguard-cli /rdweb log-location get
RdpGuard Service restart is required for these changes to take effect
For example, to set the log files location to 'auto', run the following command:
rdpguard-cli /rdweb log-location set auto
use-x-forwarded-for-field
The use-x-forwarded-for-field command allows you to set the Use X-Forwarded-For Field flag.
To get detailed help for the use-x-forwarded-for-field command, run the following command:
rdpguard-cli /rdweb use-x-forwarded-for-field
The following output will be displayed:
To set the Use X-Forwarded-For Field flag, please use the following syntax:
rdpguard-cli /rdweb use-x-forwarded-for-field set <on|off>
<on|off> - on to use the X-Forwarded-For Field to read client IP address and off otherwise
DO NOT ENABLE THIS OPTION UNLESS YOU ARE HOSTING YOUR RD-WEB ACCESS WEBSITE BEHIND A PROXY
To get the Use X-Forwarded-For Field flag status, please use the following syntax:
rdpguard-cli /rdweb use-x-forwarded-for-field get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the Use X-Forwarded-For Field feature, please run the following command:
rdpguard-cli /rdweb use-x-forwarded-for-field set on
get
The get command allows you to get the current RDWeb protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /rdweb get
The following output will be displayed:
enabled : on
log-location : auto
use-x-forwarded-for-field : off
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /rdweb set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /rdweb set <setting=value>,<setting=value>,..
MSVPN Object
The msvpn object allows you to manage MSVPN protection settings.
To get detailed help for the msvpn object, run the following command:
rdpguard-cli /msvpn
The following output will be displayed:
Available commands:
enabled
get
set
To get detailed help for an each command please use:
rdpguard-cli /msvpn <command>
enabled
The enabled command allows you to enable or disable the MSVPN protection engine.
To get detailed help for the enabled command, run the following command:
rdpguard-cli /msvpn enabled
The following output will be displayed:
To set the engine Enabled status, please use the following syntax:
rdpguard-cli /msvpn enabled set <on|off>
<on|off> - on to enable engine and off otherwise
To get the engine Enabled status, please use the following syntax:
rdpguard-cli /msvpn enabled get
RdpGuard Service restart is required for these changes to take effect
For example, to enable the MSVPN protection engine, run the following command:
rdpguard-cli /msvpn enabled set on
get
The get command allows you to get the current MSVPN protection settings.
To get detailed help for the get command, run the following command:
rdpguard-cli /msvpn get
The following output will be displayed:
enabled: off
set
The set command allows you to set engine settings in bulk.
To get detailed help for the set command, run the following command:
rdpguard-cli /msvpn set
The following output will be displayed:
To set engine settings in bulk, please use the following syntax:
rdpguard-cli /msvpn set <setting=value>,<setting=value>,..
|
