# phpIPAM

#### Introduction

phpIPAM - Open source IP address management.

phpipam is an open-source web IP address management application (IPAM). Its goal is to provide light, modern and useful IP address management. It is php-based application with MySQL database backend, using jQuery libraries, ajax and HTML5/CSS3 features.

URLs:

- Home: [https://phpipam.net/](https://phpipam.net/)
- API: [https://phpipam.net/api/api\_documentation/](https://phpipam.net/api/api_documentation/)
- Github: [https://github.com/phpipam/](https://github.com/phpipam/)

#### Installation

- [https://phpipam.net/documents/installation/](https://phpipam.net/documents/installation/)

##### Requirements

1. Apache2 webserver with php support or Nginx with php-fpm
2. Mysql server (5.1+)
3. PHP: 
    - version 5.3 supported to phpipam version 1.3.1
    - version 5.4
    - version 7.2 and higher supported from phpipam release 1.3.2
4. PHP modules: 
    - pdo, pdo\_mysql : Adds support for mysql connections
    - session : Adds persistent session support
    - sockets : Adds sockets support
    - openssl : Adds openSSL support
    - gmp : Adds support for dev-libs/gmp (GNU MP library) -> to calculate IPv6 networks
    - ldap : Adds LDAP support (Lightweight Directory Access Protocol – for AD also)
    - crypt : Add support for password encryption
    - SimpleXML: Support for SimpleXML (optional, for RIPE queries and if required for API)
    - json: Enable JSON support
    - gettext: Enables translation
    - filter : Adds filtering support
    - pcntl : Add support for process creation functions (optional, required for scanning)
    - cli : Enable CLI (optional, required for scanning and status checks)
    - mbstring : Enable mbstring support
5. php PEAR support

You can check which php modules are enabled by issuing `php -m` in command line.

#### API Develop

##### Enable API and Create new API Key (code)  


By default, the API is Disabled, go to Enable it first.

IPAM Web > Administration > Server management > phpIPAM settings > API: ON

IPAM Web > Administration > API > Create API Key

- App id: devappro (自定義 app 名稱，建議不同的 APP 使用不同的 app\_id)
- App code: <系統自動產生一組密鑰>
- App permissions: Read (依實際需求選擇)
- App security: User token (如果連線協定不想用 HTTPS，這裡必須是 User token)
- Transaction locking: No
- Lock timeout: 0
- Nest custom fields: No
- Show links: No

> NOTE:
> 
> 如果 App security 是 User token，表示 API 連線協定使用不加密的 HTTP，這時系統會提示需要變更 `config.php` 的參數。
> 
> $api\_allow\_unsafe = true;

##### API Test with curl  


API 使用注意

1. 第一次連線，需要先登入 IPAM 的帳號/密碼並取得一組 Token，預設有效期是 6 小時。
2. 每次連線 API 時，必須在 header 內包含一組有效的 Token，才能通過認證；否則會顯示 *Unauthorized*。
3. 先前建立的 API Key 與 第一項的 Token 兩個是不一樣的東西，用途也不同。基本上 API Client 開發只會用到 Token。
4. Token 一旦超過有效期，有兩種做法可以繼續 API 連線。 
    - 延展已過期的 Token。
    - 以帳密重新取得新的 Token。(注意: 原 Token 將會永久失效)

以帳號取得一組 token: /api/{app\_id}/user/

TIP: 相同語法也能用在驗證特定帳密是否有效。

```
#> curl -X POST --user admin:thisispassword http://10.10.2.207/api/devappro/user/ -i

HTTP/1.1 200 OK
Date: Wed, 15 Jun 2022 05:40:01 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Set-Cookie: phpipam=ttm3cg1ctpq1vqn2lv1rht3kl1; expires=Thu, 16-Jun-2022 05:40:01 GMT; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 116
Content-Type: application/json; charset=utf-8

{"code":200,"success":true,"data":{"token":"7dMGzul08SsPMhDDOK-oZdBk","expires":"2022-06-15 19:40:01"},"time":0.009}
```

查詢 token 的有效期: /api/{app\_id}/user/token\_expires/

```
#> curl -X GET http://10.10.2.207/api/devappro/user/token_expires/ --header "token: 7dMGzul08SsPMhDDOK-oZdBk"
{"code":200,"success":true,"data":{"expires":"2022-06-15 19:44:31"},"time":0.002}
```

延展 token 有效期: /api/{app\_id}/user/

TIP: 每次延展會以 6 小時為限，多次延展也不會超過 6 小時

```
curl -X PATCH http://10.10.2.207/api/devappro/user/ --header "token: 7dMGzul08SsPMhDDOK-oZdBk"
{"code":200,"success":true,"data":{"expires":"2022-06-15 21:11:37"},"time":0.004}
```

以 IP 搜尋資料庫: /api/{app\_id}//addresses/search/{ip-address}/

```
# IP is existed.
curl -X GET http://10.10.2.207/api/devappro/addresses/search/10.10.1.8 --header "token: 7dMGzul08SsPMhDDOK-oZdBk"
{"code":200,"success":true,"data":[{"id":"271","subnetId":"22","ip":"10.10.1.8","is_gateway":null,"description":"FAB A-VM Server-VM05","hostname":"TPECIMVM05","mac":null,"owner":null,"tag":"2","deviceId":null,"location":"3","port":null,"note":null,"lastSeen":"2022-06-15 13:30:01","excludePing":null,"PTRignore":null,"PTR":"0","firewallAddressObject":null,"editDate":"2022-06-15 13:30:10","customer_id":null}],"time":0.017}

# IP not found
curl -X GET http://10.10.2.207/api/devappro/addresses/search/10.10.1.7 --header "token: 7dMGzul08SsPMhDDOK-oZdBk"
{"code":200,"success":false,"message":"Address not found","time":0.007}
```

#### 延伸閱讀  


- Perl5 Interface: [https://github.com/natxo/phpipam-API](https://github.com/natxo/phpipam-API)
- [11 Best IP Address Management Tools for Linux Network](https://www.tecmint.com/ip-address-management-tools-for-linux/)

##### NextBox Community

NetBox Community 開放原始碼 IPAM 平台，有非常豐富的功能，適合企業中大型網路管理。

- GitHub: [https://github.com/netbox-community/netbox](https://github.com/netbox-community/netbox)
- Wiki: [https://github.com/netbox-community/netbox/wiki/Community-Contributions](https://github.com/netbox-community/netbox/wiki/Community-Contributions)
- Doc: [https://deepwiki.com/netbox-community/netbox/1-netbox-overview](https://deepwiki.com/netbox-community/netbox/1-netbox-overview)
- Doc2: [https://netboxlabs.com/docs/netbox/installation/](https://netboxlabs.com/docs/netbox/installation/)