no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.

@@ Line 1: / Line 1: @@
+====== 1. Proxysmart manual [v2]. ======
+===== 1.1. The goal of the software.  =====
+The software allows running your own 4g/5g mobile proxy infrastructure.
+Functions:
+  * IP resets on modems (+ automatic rotation + checking IP uniqueness)
+  * WebApp for checking statuses of the modems, for creating users and ports, IP rotations
+  * WEB API for all actions
+  * Bandwidth quotas and Speed limits per proxy
+  * Exposing proxy ports, so they are available from world wide
+  * OS TCP normalization, aligns the TCP/IP stack signature with the client's actual operating system
+  * Proxy ACLs (what to allow/deny to proxy users) - blacklists
+  * Openvpn integration,  client-to-proxy tunneling
+  * Socks5 supports UDP and QUIC (HTTP/3.0)
+  * No leaks
+  * Native DNS from mobile carriers
+  * Large set of supported  carrier-authorised IoT modules (Quectel, Sierra Wireless), operator-branded routers, and industrial USB modems.
+Concept:
+  * A Modem is a device that connects to a mobile carrier
+  * A Port is a proxy (SOCKS5 + HTTP) + Openvpn profile, built on a modem
+  * Create multiple Ports on a Modem
+  * Each Port has its own settings
+===== 1.2. Architecture  =====
+  * Onsite: box with Ubuntu, USB hub and modems
+  * Remote: VPS with proxy ports (optional)
+** Online services are used: **
+  * IP checker - ''http:%%//%%ip.tanatos.org/ip.php'' which is simple PHP script that returns visitor’s IP. It is used to detect whether a modem is really online. Can be replaced with one of ''https:%%//%%ifconfig.co'' or similar, but I was not happy with their reliabiality, they are down sometimes. It is set in **WebApp->Global_settings**
+  * URL that is latency on modems measured with. Defined as ''COLLECTD_PINGER_HOSTNAME'' , default is ''t.co''
+===== 1.3. Configuration. =====
+Variables are set in the **WebApp->Global_settings** and in ''%%/etc/proxysmart/conf.txt%%''.
+Each variable has brief description in place.
+===== 1.4. Mongodb integration =====
+** Mongodb Schema **
+Mongodb contains 2 collections:  ''modems'' and ''ports''.
+  * **modems** collection.
+It contains real modems, array of associative arrays, take allowed fields in ''store_modem'' API call.
+  * **ports** collection
+It contains proxy ports given to the users. Each port is connected to a modem by the IMEI key. So you can attach 1 or more ports to a modem. It is array of associative arrays, take allowed fields in ''store_port'' API call.
+** MongoDB Configuration **
+MongoDB URI is defined in ''%%/etc/proxysmart/conf.txt%%'' :
+    * ''%%MONGODB_URI="mongodb://proxysmart2:[email protected]:27017/proxysmart?readPreference=primary&ssl=false"%%''
+If you want to use other Mongodb collection names instead of ''modems'' and ''ports'' , define them in ''%%/etc/proxysmart/conf.txt%%'' :
+    * ''MONGODB_MODEMS_COLLECTION=modemsNEW''
+    * ''MONGODB_PORTS_COLLECTION=portsNEW''
+after changes:
+    * ''systemctl restart proxysmart''
+    * ''proxysmart.sh reset_complete''
+** Moving Mongodb to other server **
+Sometimes you want to move Mongodb to a cloud server.
+  * update ''%%MONGODB_URI%%'' to new Mongodb URI in ''%%/etc/proxysmart/conf.txt%%''
+  * ''%%systemctl restart proxysmart%%''
+  * ''%%proxysmart.sh reset_complete%%''
+===== 1.5. Multishop =====
+It is useful for those who want to sell proxies to multiple **proxy shops**.
+When shops are granted access to the server, they receive full admin-level permissions, which allows them to see and interact with modems and proxies belonging to other shops. This poses both security and operational concerns.
+The Multishop system allows a single server to be safely and efficiently rented out to multiple proxy shops. Each shop can sell proxies independently, with access and visibility restricted to their own resources. Key improvements include:
+  * **Controlled access**: Shops only see their assigned modems and available (free) modems.
+  * **Scoped permissions**: Shops can only perform modem- and port-related actions on modems they are authorized to use.
+  * **On-demand usage**: Shops should create ports only when an order is received and release the modem when the order expires.
+  * **Usage tracking**: The system tracks how long each modem is used by each shop, enabling better resource management and billing.
+Prerequisites:
+  * Proxysmart  v2.4+
+  * 'Extended' license
+How to get it working?
+  * Buy Extended license, issue Extended license to the server
+  * create SHOPS: WebApp->Edit modems and ports -> Shops section.
+  * send the SHOPS access to the server.
+  * let the SHOPS create proxy ports.
+Each SHOP can:
+  * log in the WebApp
+  * create proxy ports on free modems (a modem is then marked as belonging to the shop).
+  * delete their proxy ports (a modem is then marked as free).
+  * review their usage of proxy ports.
+  * Operations with proxy ports can be done in the WebApp or by WEB API (with the SHOP' credentials).
+Admin can:
+  * create/delete SHOPS accounts
+  * track usage of each SHOP. Usage is of 2 types: 1. bandwidth consumed. 2. The Modems*hours number.
+====== 2. Installation ======
+===== 2.1. Initial installation =====
+Supported OS and Architectures:
+  * PC / Mini-PC / Laptop: https://ubuntu.com/download , Choose Server or Desktop, version: 24.04, 22.04
+  * Raspberry PI : https://ubuntu.com/download/raspberry-pi , Choose Ubuntu Server 64bit, version: 22.04, 24.04
+Armhf (arm 32 bit) doesn’t have Mongodb support!
+Install a fresh OS.
+Unplug any USB modems.
+<code>
+curl https://proxysmart.org/install-v2 | bash
+</code>
+Reboot or run ''%%proxysmart.sh reset_complete%%''.
+After that either enjoy the Demo version at ''http:%%//%%localhost:8080'' or check License section.
+++++ **Rockpi Notes** |
+If LOGRAM is enabled ( a folder /var/log.hdd exists). Disable logging:
+  * mongodb, edit ''%%/etc/mongodb.conf%%'', comment ''%%logpath%%'' directive.
+++++
+===== 2.2. Adding modems =====
+  * Read the section ''Adding modems'' of this manual.
+  * Plug in all modems you have,
+  * Navigate to the WebApp ( ''http:%%//%%localhost:8080'' or ''http:%%//%%your_box_lan_IP_address:8080/'' , proxy / proxy )
+  * Wait ~20 sec to let them initialize.
+  * For each modem, click "Add modem", assign a Nickname.
+  * For each modem, create proxy ports instead of "random" ports.
+  * Reboot and  wait 1 minute
+  * Navigate to the WebApp and make sure the WebApp shows the modems.
+===== 2.3. Forwarding proxies ports =====
+Why? In order to make proxy ports available for all users around the world.
+** Basic info on forwarding ports **
+You have 2 methods of forwarding ports :
+  * either forward them through a VPS
+  * or forward them through your own LAN router.
+Which to choose?
+If these conditions are met:
+  * you have static fiber IP onsite.
+  * and ISP allows incoming connections to that static IP
+  * and Upload and Download of fiber Internet is at least 40 Mbps.
+  * you don't need UDP in Socks5
+.. then choose port forwarding through your LAN router. Otherwise, choose port forwarding through a VPS.
+===== 2.4. Forwarding proxies ports through a VPS. =====
+The VPS server can be a cheap DigitalOcean / Linode / Vultr VPS or similar.
+It should have:
+  * Location: as close as possible to the local server  ( for lowest ping ).
+  * Static IPv4, so clouds like GCP / AWS / Azure / AliBabaCloud won't work (they have NAT'ed v4 IP).
+  * OS: fresh Ubuntu 22.04 / 24.04
+  * For 1-10    modems: CPU: 1, RAM:1GB
+  * For 11-39   modems: CPU: 2, RAM:2GB
+  * For 40-100 modems: CPU: 2, RAM:4GB
+== On Proxysmart multi modem server ==
+Go to the WebApp , copy content of the SSH public key from the bottom of the page. We will refer to it as **PUBKEY** below.
+Also it is stored on disk as ''%%/root/.ssh/fwd.pub%%''
+== On VPS ==
+Check if your VPS has no firewall. Disable it if it has – Both inside Linux OS and in hoster panel.
+Install & run Ansible.
+<code>
+apt update && apt install git ansible -y
+cd ~/
+git clone https://github.com/proxysmart/proxysmart-vps.git
+cd proxysmart-vps
+</code>
+copy template to ''vars.txt''. If it exists already, don't overwrite it.
+<code>
+cp -i vars.txt.example vars.txt
+</code>
+edit the file ''vars.txt''
+<code>
+nano vars.txt
+</code>
+Replace ''PUBKEY'' with the **PUBKEY** . Save the file by pressing ''Control O'' and exit the editor by pressing ''Control x'' .
+Run Ansible:
+<code>
+ansible-playbook proxysmart-vps.yml
+</code>
+done.
+== On Proxysmart multi modem server ==
+in **WebApp->Global_Settings**:
+  * set ''%%VPS%%'' variable to the VPS IP.
+  * set ''%%PROXY_PORTS_FORWARDER_ENABLE%%'' On.
+  * Pick a port for ''SSH_REMOTE_PORT'', in most cases 6001 is fine. The port (TCP) has to be free on the VPS
+  * Pick a port for ''WEB_REMOTE_PORT'', in most cases 7001 is fine. The port (TCP) has to be free on the VPS
+  * Pick a port for ''OPENVPN_SERVER_PORT'', in most cases 1501 is fine. The port (TCP+UDP) has to be free on the VPS.
+  * set ''%%VPS_SOCKS5_SERVER%%'' to scheme with authentication on VPS e.g. ''%%socks5://px:[email protected]:2323%%'' where ''3.3.3.3'' is a VPS IP.
+  * Click SAVE
+Run ''%%proxysmart.sh reset_complete%%''
+== On VPS ==
+issue the command ''%%ss -tnlp%%'' and you will see proxy ports are bound with ''%%sshd%%'' daemon. That means the ports are forwarded.
+== On your private desktop or any other PC  ==
+  * visit ''%%http://vps_ip:7001%%'' for the WebApp
+  * you can ssh to VPS IP and port 6001, and that goes to the multi-modem-server:22.
+=== Cloud VPS IP change ===
+If Cloud VPS IP is changed, update it on multi-modem-server side by defining new ''%%VPS%%'' variable in **WebApp->Global_settings** and rerun ''%%proxysmart.sh reset_complete%%'' there (or reboot).
+===== 2.5. Forwarding ports through your own LAN router. =====
+**Steps**
+Consult with documentation of your LAN router. Forward these ports from ISP IP address to the LAN IP of proxysmart server:
+  * TCP 8001-8999 for HTTP proxies
+  * TCP 5001-5999 for SOCKS5 proxies
+  * TCP 8080 for the WebApp , will be used in 'REWRITE_WEBAPP_TO'
+  * TCP 1194 for Openvpn (if it is working in TCP mode) , will be used for OPENVPN_SERVER_PORT
+  * UDP 1194 for Openvpn (if it is working in UDP mode) , will be used for OPENVPN_SERVER_PORT
+  * TCP 443  for Xray (makes sense only if Xray support is activated)
+**Notes**
+ Set in  WebApp->GlobalSettings :
+  * PROXY_PORTS_FORWARDER_ENABLE   : Off
+  * REWRITE_WEBAPP_URL             : On
+  * REWRITE_WEBAPP_TO              : ''%%http://myrouter.com:8080%%''
+  * REWRITE_HOST_IN_PROXY_CREDS    : On
+  * REWRITE_HOST_IN_PROXY_CREDS_TO : ''myrouter.com''
+  * OPENVPN_SERVER_HOST            : ''myrouter.com''
+  * OPENVPN_SERVER_PORT            : 1194
+  * XRAY_REMOTE_PORT               : 443
+ Replace ''myrouter.com'' with your actual external Hostname or external IP addresss.
+  * click SAVE.
+Then finally reconfigure the system by running ''%%proxysmart.sh reset_complete%%'' .
+-----
+===== 2.6. Upgrade =====
+  * Current stable version is **v2.3**.
+  * Current development version is **v2.4**.
+==== 2.6.1. Upgrade from v2.3 to (current stable) v2.3  ====
+Run these commands:
+<code>
+curl https://proxysmart.org/install-v2.3 | bash
+</code>
+Reboot or run ''%%proxysmart.sh reset_complete%%''.
+===== 2.7.  Development version installation (v2.4) =====
+Why? To unlock new features that are not yet in the Main version.
+** v2.4 **
+<code>
+curl https://proxysmart.org/install-v2.4 | bash
+</code>
+Reboot or run ''%%proxysmart.sh reset_complete%%''.
+-----
+====== 3. Adding modems =======
+** Proxy credentials for new modems **
+When adding new modems, please use
+  * unique HTTP ports from 8001 to 8999,
+  * unique SOCKS ports from 5001 to 5999.
+  * unique nicknames like ''%%dongleXXX%%'' or whatever else. Don’t use nicknames like ''%%randomXXX%%'', that are assigned automatically.
+===== 3.1 Adding a new modem (USB) =====
+  * Remove PIN from the modem’s SIM card and plug in the modem into USB port or USB hub.
+  * Check whether your modem Web App (e.g. Huawei’s E8372 / E5xxx or ZTE MF79 or Alcatel MW4x ) requires authentication, and if it does, set its admin password to ''%%admin123%%''. Basically to the value of ''%%DEFAULT_HILINK_ADMIN_PASSWORD%%'' variable in ''WebApp->GlobalSettings'' . Otherwise many functions will not work, and its IMEI will be detected similarly to ''%%2-1.1.2%%''
+  * Plug in the modem.
+  * Wait ~5 minutes
+  * The modem will appear in the WebApp.
+  * Click ADD MODEM on it, assign a unique Nickname, click APPLY.
+  * Create Ports on the modem - click ADD PORT against the modem, assign a unique Port name, HTTP & SOCKS5 ports, Login and Password, then click APPLY.
+  * Refresh the WebApp, done!
+===== 3.2. Adding a LAN modem. =====
+**Prepare network configuration on the Proxysmart server**
+Prerequisites:
+    * A server with 2 network Ethernet cards (preferred), or a server with a Wifi card and an Ethernet card (less preferred).
+Goal:
+    * To have 2 network interfaces, one as an internet source ; second for accessing the modems (HUBS).
+Assume you have 2 LAN cards, e.g. **enp6s0** main LAN, **enp2s0** is dedicated for LAN modems:
+''%%nmcli con%%''
+<code>
+NAME                UUID                                  TYPE      DEVICE
+Wired connection 1  bbbee134-51c3-3830-801f-9636470e0708  ethernet  enp6s0
+Wired connection 2  000ed912-2d99-3f37-882b-d79ad13102e7  ethernet  enp2s0
+</code>
+  * Rename ''%%Wired connection 2%%'' -> ''%%HUBS%%''
+<code>
+nmcli con modify Wired\ connection\ 2 con-name HUBS
+</code>
+  * Disable DHCP and IPV6 on **HUBS** and assign static IPv4 address 192.168.10.100. Here a network 192.168.10.x is used, where modems will be added later (as 192.168.10.1, 192.168.10.2, 192.168.10.3 etc).
+<code>
+nmcli con modify HUBS ipv4.method manual ipv4.addresses 192.168.10.100/24 ipv6.method link-local ipv4.route-metric 300
+</code>
+<code>
+systemctl restart NetworkManager
+</code>
+Delete old route:
+<code>
+ip ro del default via 192.168.10.1
+</code>
+Confirm you have only 1 default route via main LAN, query with
+<code>
+ip ro
+</code>
+Output:
+<code>
+default via 192.168.1.1 dev enp6s0 proto static metric 100
+</code>
+**Add the modems**
+  * Remove PIN from the SIM card and power on the modem.
+  * Change the modem’s web admin password to something stored in WebApp->GlobalSettings as ''%%DEFAULT_HILINK_ADMIN_PASSWORD%%'' variable (default value: admin123 ).
+  * Change the modem’s IP to something unique e.g. ''%%192.168.10.10%%''
+  * Put the modem's **LAN** outlet into Ethernet switch together with the Proxysmart server.
+  * On the Proxysmart server make sure you can ping the new modem by its IP you set in previous step.
+  * Make sure ''%%LAN_MODEMS_ENABLE%%'' is enabled in WebApp->GlobalSettings.
+  * Add Lan modem in the Webapp->Edit_modems , scroll to the bottom, and add as ''lanmodem10''  , ''192.168.10.10'' .
+  * Either wait 5 minutes or run the command ''%%sudo proxysmart reset_gently%%'', it will find new modems.
+  * Refresh the proxysmart Web App and assign proxy logins and passwords to the new modems.
+===== 3.3. Adding an Android phone =====
+Main guide dedicated to adding Android Phones: [[v2:android|Android phones guide]]
+===== 3.4. Adding a virtual modem (backend proxy). =====
+A **virtual modem** is a in fact a redirect to a 3rd party proxy (HTTP or SOCKS5) so you can build own proxies based on that and resell them.
+They even can be rotated if the backend proxy supports it.
+How to add?
+Make sure ''BACKEND_PROXIES_ENABLE'' is enabled in **WebApp->Global_settings** .
+Add them the **Webapp->Edit_modems->Virtual modems**
+ , scroll to the bottom, and add each with the following fields
+    - **id** has to be in the form 'bproxy' + a number e.g. ''bproxy1'' or ''bproxy2''
+    - **creds** is a line with credentials of the backend proxy e.g. ''%%http://Mylogin:Mypassword@Server:3128%%'' or ''%%socks5://Mylogin:Mypassword@Server:1080%%''
+    - **ip_reset** is an optional parameter , the URL for triggering IP rotation of the backend proxy
+Click **SAVE**
+Then either wait 5 minutes or run the command ''%%sudo proxysmart reset_gently%%'', it will find new modems. Then , refresh the proxysmart Web App and assign proxy logins and passwords to the new modems.
+---------
+====== 3. CLI API ======
+===== 3.1. Maintenance =====
+==== 3.1.1. Full reconfiguration  ====
+Run
+<code>
+# proxysmart.sh reset_complete
+</code>
+==== 3.1.2. Report IP uniqueness  ====
+++++ JSON output.|
+<code>
+proxysmart.sh  unique_ips_json
+{
+  "DAYS": 14,
+  "MAX_REPEATS": 50,
+  "TOTAL_ROTATIONS": 7,
+  "UNIQUE_IPS": 7,
+  "NON_UNIQUE_IPS": 0,
+  "UNIQUE_IPS_PERCENT": 100,
+  "NON_UNIQUE_IPS_PERCENT": 0,
+  "TXT": "\nIP Uniqueness report:\n\nOf past 14 days.\nA Unique IP is an IP that was encountered less than 50 times during the reported period.\nTotal IP rotations on all devices: 7\nUnique IP rotations: 7 (100%)\nNon Unique IP rotations: 0 (0%)\n"
+}
+</code>
+++++
+++++TEXT output. |
+<code>
+# proxysmart.sh  unique_ips
+IP Uniqueness report:
+Of past 14 days.
+A Unique IP is an IP that was encountered less than 50 times during the reported period.
+Total IP rotations on all devices: 7
+Unique IP rotations: 7 (100%)
+Non Unique IP rotations: 0 (0%)
+</code>
+++++
+==== 3.1.3. Autofix the system   ====
+The command adds not added modems, also it is executed automatically by Cron every 5th minute.
+Run
+<code>
+# proxysmart.sh reset_gently
+</code>
+==== 3.1.4. Export and Import Backup  ====
+Exports backup to a file:
+<code>
+proxysmart.sh backup_export FILE
+</code>
+Imports backup from a file
+<code>
+proxysmart.sh backup_import FILE
+</code>
+==== 3.1.5. Report Shop usage   ====
+(only for Proxysmart v2.4+ with enabled Multishop feature)
+  * ''SHOP'' is a shop username
+  * ''PERIOD'' is day/yesterday/week/prevweek/month/prevmonth/lifetime
+<code>
+proxysmart.sh shop_report SHOP PERIOD
+</code>
+++++Output:|
+<code>
+{
+    "period": "day",
+    "usage": {
+        "modems_hours": 13.583333333333334,
+        "lease_periods": [
+            [
+                "2026-01-15 00:00:00",
+                "modem_940010000000002",
+                {
+                    "Window": [
+                        "00:00 15.01.2026",
+                        "13:35 15.01.2026"
+                    ]
+                },
+                "start"
+            ],
+            [
+                "2026-01-15 13:35:00",
+                "modem_940010000000002",
+                {
+                    "Window": [
+                        "00:00 15.01.2026",
+                        "13:35 15.01.2026"
+                    ]
+                },
+                "end"
+            ]
+        ],
+        "bw_in": 10043.0,
+        "bw_out": 11946.0,
+        "bw_total": 21989.0
+    }
+}
+</code>++++
+===== 3.2. Modems Actions =====
+==== 3.2.1. reset IP on a modem  ====
+Args: IMEI or NICKNAME.
+JSON output:
+<code>
+# proxysmart.sh   reset_modem_by_imei    899999999999999
+# proxysmart.sh   reset_modem_by_imei    Dongle222
+</code>
+++++ Output:|
+<code>
+{
+   "message" : "external ip changed from 46.216.188.74 to 46.216.113.63",
+   "ext_ip" : "46.216.113.63",
+   "result" : "success",
+   "debug" : "= lock acquired on DEV modem0,= resetting DEV modem0 ..."
+}
+</code>++++
+Plain text output:
+<code>
+# proxysmart.sh  reset_quick_nick  899999999999999
+# proxysmart.sh  reset_quick_nick  Dongle222
+</code>
+++++Output:|
+<code>
+= lock acquired on DEV modem93
+= resetting NICK Client5 DEV modem93 local IP 192.168.0.100 N 93 GW 192.168.0.1 IMEI 359999999999999
+= external IP is 46.56.178.172
+=stopping redirector N 93
+...
+=DNS test attempt 2/7 to DNS server 1.1.1.1
+Checking/setting forced routing config (skip with /etc/proxysmart/altnetworking.sh -s ...)
+Applying net_cls class identifier 0x0010093 to cgroup cgproxy93
+Unset reverse path filtering for interface "all"
+Unset reverse path filtering for interface "modem93"
+DNS OK - 0.092 seconds response time
+= passed
+= restarting proxy@93 to definitely drop old connections..
+= starting redirector N 93
+=now detect EXT_IP
+= external IP is 46.56.181.222
+= purging old MTU rules from Iptables for modem N=93
+deleted rule 9 from mangle/OUTPUT
+= purging old MTU rules from Iptables for modem N=93
+= adding MTU rules to Iptables for modem N=93 MTU=1400 MSS=1360
+==save report:
+start_time=2022-05-29@21:14:43 end_time=2022-05-29@21:15:13
+    total_time=27 old_ip=46.56.178.172        new_ip=46.56.181.222 target_mode=auto
+= lock released on DEV modem93
+</code>++++
+==== 3.2.2. Reset a modem via USB  ====
+Can accept DEV name, IMEI or Nickname. So
+++++ For Text output:|
+<code>
+proxysmart.sh usb_reset_modem modem179
+proxysmart.sh usb_reset_modem 123456789012345
+proxysmart.sh usb_reset_modem Mydongle222
+</code>
+++++
+++++ For Json output.|
+<code>
+proxysmart.sh usb_reset_modem_json modem179
+proxysmart.sh usb_reset_modem_json 123456789012345
+proxysmart.sh usb_reset_modem_json Mydongle222
+</code>
+++++
+==== 3.2.3. show status  ====
+Show full status of all modems, table (slower).
+<code>
+# proxysmart.sh  show_status
+</code>
+++++Output:|
+<code>
++--------+----+---------+-------+----------------+-----+--------------+-----------+-------------+------+------------+----+
+| NICK   | N  | DEV     | MODEL | IMEI           | HTTP| LOCAL_IP     |GW         |EXT_IP       |ONLINE| CELL:MODE  | MSG|
++--------+----+---------+-------+----------------+-----+--------------+-----------+-------------+------+------------+----+
+| dongle1| 0  | modem0  | E3372h| 862329099999999| 8001| 192.168.8.100|192.168.8.1|46.216.113.63|yes   | MTS BY:LTE |    |
+| dongle2| 114| modem114| E3131 | 352221099999999| 8002| 192.168.8.100|192.168.8.1|             |no    | :NO_SERVICE|    |
++--------+----+---------+-------+----------------+-----+--------------+-----------+-------------+------+------------+----+
+items TOTAL 2
+</code>++++
+Show brief status of all modems, table, (faster)
+Run
+<code>
+# proxysmart.sh  show_status_brief
+</code>
+++++Output:|
+<code>
+| NICK    | N | DEV    | IMEI           | HTTP| LOCAL_IP     | GW         | EXT_IP        | ONLINE| MSG|
+| Cdongle2| 77| modem77| 862329099999999| 8002| 192.168.8.100| 192.168.8.1| 46.216.152.241| yes   |    |
+| Client5 | 93| modem93| 352221099999999| 8004| 192.168.0.100| 192.168.0.1| 46.56.186.34  | yes   |    |
+</code>++++
+Show full status of all modems , json
+<code>
+# proxysmart.sh  show_status_json
+</code>
+++++Output:|
+<code>
+[
+  {
+    "MSG": "",
+    "N": 1,
+    "IS_LOCKED": "false",
+    "modem_details": {
+      "NICK": "ddddddd",
+      "IMEI": "940010000000001",
+      "MODEL": "bproxy",
+      "MODEL_SHOWN": "bproxy",
+      "HUB_ID": "",
+      "HUB_PORT": "",
+      "UPTIME": "",
+      "UDEV_UPTIME": "",
+      "PHONE_NUMBER": "",
+      "AT_PORT": "",
+      "ADDED_TIME": "10 hours + 34.866667 minutes",
+      "REBOOT_SCORE": "0"
+    },
+    "net_details": {
+      "DEV": "bproxy1",
+      "GW": "server.org:3128",
+      "LOCAL_IP": "127.0.0.1",
+      "LOCAL_IP6": "",
+      "EXT_IP": "167.172.59.39",
+      "EXT_IPV6": "2a03:b0c0:1:d0::1192:f001",
+      "IS_ONLINE": "yes",
+      "CurrentNetworkType": "",
+      "SimStatus": "",
+      "ICCID": "",
+      "ConnectionStatus": "",
+      "workmode": "",
+      "SIGNAL_STRENGTH": "",
+      "CELLOP": "DigitalOcean, LLC",
+      "VALDIK": "Detected OS = Linux 2.2.x-3.x [generic];MTU = 1500;Distance = 9;PTR = pathos.tanatos.org;PTR test = Probably server user;Fingerprint and OS match. No proxy detected ;No OpenVPN detected.",
+      "BAND": "",
+      "APN": "",
+      "HTTP_REDIRECT_IMPOSED": ""
+    },
+    "proxy_creds": {
+      "HTTP_PORT": 30001,
+      "SOCKS_PORT": null,
+      "LOGIN": "def294246",
+      "PASS": "def294246",
+      "PROXYSTDLINE_HTTP": "127.0.0.1:30001:def294246:def294246",
+      "PROXYSTDLINE_SOCKS": "",
+      "VPN_USERS": [],
+      "VPN_USERS_ONLINE": []
+    },
+    "android": {
+      "battery": null,
+      "version": null
+    },
+    "RESET_SECURE_LINK": {
+      "URL": "http://i.org:7001/apix/reset_ip_secure?hash=KNQWY5DFMRPV6V67LVNZSLHBA2CB3NLUKKVFW54R5P3QK5OGNZ72SXUVRB7RZ7IUWSWHC4G4K6NYM3YK37PXNHLQJCUBXIX2C3KXSFA=",
+      "VALID_UNTIL": "2028-10-17@11:16:24 +03"
+    }
+  },
+  {
+    "MSG": "",
+    "N": 17,
+    "IS_LOCKED": "false",
+    "modem_details": {
+      "NICK": "sierra",
+      "IMEI": "353990074165890",
+      "MODEL": "DW5811e",
+      "MODEL_SHOWN": "DW5811e",
+      "HUB_ID": "2-1",
+      "HUB_PORT": "",
+      "UPTIME": "unknown",
+      "UDEV_UPTIME": "76461",
+      "PHONE_NUMBER": "",
+      "AT_PORT": "/dev/ttyUSB2",
+      "ADDED_TIME": "1.1333333 minutes",
+      "REBOOT_SCORE": "14"
+    },
+    "net_details": {
+      "DEV": "wwan_modem17",
+      "GW": "10.77.34.116",
+      "LOCAL_IP": "10.77.34.115",
+      "LOCAL_IP6": "",
+      "EXT_IP": "146.120.151.173",
+      "EXT_IPV6": "",
+      "IS_ONLINE": "yes",
+      "CurrentNetworkType": "WCDMA",
+      "SimStatus": "READY",
+      "ICCID": "8937501200200347057",
+      "ConnectionStatus": "OK connected",
+      "workmode": "WCDMA",
+      "SIGNAL_STRENGTH": "RSSI:-74dBm",
+      "CELLOP": "A1 BY",
+      "VALDIK": "Detected OS = Linux 2.2.x-3.x [generic];MTU = 1400;Network link = Probably IPsec or other VPN;Distance = 9;PTR test = Probably home user;Fingerprint and OS match. No proxy detected ;No OpenVPN detected.",
+      "BAND": "wcdma-900",
+      "APN": "internet",
+      "HTTP_REDIRECT_IMPOSED": ""
+    },
+    "proxy_creds": {
+      "HTTP_PORT": 30041,
+      "SOCKS_PORT": null,
+      "LOGIN": "def294246",
+      "PASS": "def294246",
+      "PROXYSTDLINE_HTTP": "127.0.0.1:30041:def294246:def294246",
+      "PROXYSTDLINE_SOCKS": "",
+      "VPN_USERS": [],
+      "VPN_USERS_ONLINE": []
+    },
+    "android": {
+      "battery": null,
+      "version": null
+    },
+    "RESET_SECURE_LINK": {
+      "URL": "http://i.org:7001/apix/reset_ip_secure?hash=KNQWY5DFMRPV7V3MMVOREWZ4CNSOUWHHQM5IVWFTOXK3PRITT446HMUJIJHKJPDXDT773XMXRPDYGVGXYTUC4U2PRM24CHY4U7XT4VQ=",
+      "VALID_UNTIL": "2028-10-17@11:16:32 +03"
+    }
+  }
+]
+</code>++++
+Show status for a single modem, JSON
+Arguements - NICK or IMEI.
+<code>
+# proxysmart.sh  show_single_status_json dongle111
+</code>
+++++Output:|
+<code json>
+[
+   {
+      "IS_LOCKED" : "false",
+      "MSG" : "",
+      "N" : "17",
+      "RESET_SECURE_LINK" : {
+         "URL" : "http://i.org:7001/apix/reset_ip_secure?hash=KNQWY5DFMRPV7U3DQI4NMATCXAAXTYJAJ7JHP5UQYN25UE5B6CYHUUP2CIQRTOP6BHP7I26PVANIIK44LSQKFYZZYQNUEKHC23L4D7Y=",
+         "VALID_UNTIL" : "2028-10-17@11:17:54 +03"
+      },
+      "android" : {
+         "battery" : null,
+         "version" : null
+      },
+      "modem_details" : {
+         "ADDED_TIME" : "2.5166667 minutes",
+         "AT_PORT" : "/dev/ttyUSB2",
+         "HUB_ID" : "2-1",
+         "HUB_PORT" : "",
+         "IMEI" : "353990070000000",
+         "MODEL" : "DW5811e",
+         "MODEL_SHOWN" : "DW5811e",
+         "NICK" : "sierra",
+         "PHONE_NUMBER" : "",
+         "REBOOT_SCORE" : "14",
+         "UDEV_UPTIME" : "76544",
+         "UPTIME" : "unknown"
+      },
+      "net_details" : {
+         "APN" : "internet",
+         "BAND" : "wcdma-900",
+         "CELLOP" : "A1 BY",
+         "ConnectionStatus" : "OK connected",
+         "CurrentNetworkType" : "WCDMA",
+         "DEV" : "wwan_modem17",
+         "EXT_IP" : "46.56.229.83",
+         "EXT_IPV6" : "",
+         "GW" : "10.77.34.116",
+         "HTTP_REDIRECT_IMPOSED" : "",
+         "ICCID" : "8937501200200347057",
+         "IS_ONLINE" : "yes",
+         "LOCAL_IP" : "10.77.34.115",
+         "LOCAL_IP6" : "",
+         "SIGNAL_STRENGTH" : "RSSI:-75dBm",
+         "SimStatus" : "READY",
+         "VALDIK" : "Detected OS = Linux 2.2.x-3.x [generic];MTU = 1400;Network link = Probably IPsec or other VPN;Distance = 9;PTR test = Probably home user;Fingerprint and OS match. No proxy detected ;No OpenVPN detected.",
+         "workmode" : "WCDMA"
+      },
+      "proxy_creds" : {
+         "HTTP_PORT" : "30041",
+         "LOGIN" : "def294246",
+         "PASS" : "def294246",
+         "PROXYSTDLINE_HTTP" : "127.0.0.1:30041:def294246:def294246",
+         "PROXYSTDLINE_SOCKS" : "",
+         "SOCKS_PORT" : null,
+         "VPN_USERS" : [],
+         "VPN_USERS_ONLINE" : []
+      }
+   }
+]
+</code>++++
+==== 3.2.4. reboot a modem  ====
+Args: Nickname or IMEI.
+++++ TEXT Output|
+<code>
+#  proxysmart.sh   reboot_modem dongle61_us
+</code>
+or
+<code>
+#  proxysmart.sh   reboot_modem 899999999999999
+</code>
+++++
+++++ JSON Output|
+<code>
+# proxysmart.sh reset_modem_by_imei 899999999999999 full
+</code>
+or
+<code>
+# proxysmart.sh reset_modem_by_imei dongle61_us full
+</code>
+++++
+==== 3.2.5. Apply settings for a modem by IMEI  ====
+JSON output
+<code>
+# proxysmart.sh   apply_settings_for_a_modem_by_imei  868723029999406
+</code>
+++++Output:|
+<code>
+{
+   "debug" : "= lock acquired on DEV modem0,...",
+   "message" : "",
+   "result" : "success"
+}
+</code>++++
+Plain text output:
+<code>
+ proxysmart.sh  apply_settings_for_a_modem_by_imei_raw    359999999999999
+</code>
+++++output:|
+<code>
+= lock acquired on DEV wwan_modem17
+= WAN_APN=
+= PHONE_NUMBER=
+= purge port portXrzD
+{"msg":"ok","result":"ok"}
+= purge port pxsystem17
+{"msg":"ok","result":"ok"}
+= adding port PORT pxsystem17 for N 17
+= HTTP_PORT 127.0.0.1:30041 is free
+= applying new settings: port pxsystem17 DEV wwan_modem17, N 17, IMEI 353990074165890, nick sierra, http_port 30041, socks_port
+= proxyport pxsystem17 started
+= wont purge_port_remote for pxsystem17
+= updated collectd conf
+= adding port PORT portXrzD for N 17
+= SOCKS_PORT 192.168.1.35:5001 is free
+= HTTP_PORT 127.0.0.1:8001 is free
+= applying new settings: port portXrzD DEV wwan_modem17, N 17, IMEI 353990074165890, nick sierra, http_port 8001, socks_port 5001
+= proxyport portXrzD started
+= purging gost_quic_server@5001 on VPS
+= setting up GOST proxy server, version: gost3
+= Gost local BA server
+= Gost remote Socks5 server
+= remote service name: gost_quic_server@5001 on 116.202.103.247:5001
+= LDNS 127.100.1.100
+= saved /tmp/conf.gost3.5001.yaml
+= starting redirector@portXrzD
+= port portXrzD: BIND_PORT=-R 0.0.0.0:8001:127.0.0.1:8001 -R 127.0.0.1:5001:127.0.0.1:5001
+= updated collectd conf
+= check expiry for PORT portXrzD
+= no proxy expiry set
+= kill vpn user portXrzD on OPENVPN_MGMT_SOCKET /var/run/openvpn/server.management.socket
+= purging old MTU rules from Iptables for modem N=17
+= del rotator timer if any
+= updated collectd conf
+= lock released on DEV wwan_modem17
+</code>++++
+==== 3.2.6. Get IP rotations log for a modem  ====
+++++ By Nickname or IMEI|
+<code>
+proxysmart.sh  get_rotation_log dongle2
+proxysmart.sh  get_rotation_log 899999999999999
+</code>
+<code>
+[
+  {
+    "start_time": "2022-08-10@19:29:38",
+    "end_time": "2022-08-10@19:29:49",
+    "total_time": "10",
+    "old_ip": "4.26.28.14",
+    "new_ip": "4.26.28.13",
+    "target_mode": "auto"
+  },
+  {
+    "start_time": "2022-08-10@19:29:54",
+    "end_time": "2022-08-10@19:30:04",
+    "total_time": "9",
+    "old_ip": "4.26.248.13",
+    "new_ip": "4.26.152.10",
+    "target_mode": "auto"
+  }
+]
+</code>
+++++
+==== 3.2.7. Run speedtest   ====
+On a single modem:
+Args: NICKNAME or IMEI.
+<code>
+# proxysmart.sh  speedtest 353990074160000
+# proxysmart.sh  speedtest sierra
+</code>
+++++ Response: |
+<code>
+{
+    "upload": "8.85 mbps",
+    "download": "35.13 mbps",
+    "share": "http://www.speedtest.net/result/16912814215.png",
+    "msg": null,
+    "debug": null,
+    "ping": "36 ms"
+}
+</code>++++
+===== 3.3. Ports Actions =====
+==== 3.3.1. Get Top hosts from a modem  ====
+++++ By PORTID |
+<code>
+proxysmart.sh top_hosts port92848428
+</code>
+Response:
+<code>
+{
+  "bbc.com": 10,
+  "gmail.com": 20
+}
+</code>
+++++
+==== 3.3.2. report bandwitdh  ====
+++++ On a single port|
+Args: portID
+<code>
+# proxysmart.sh  bandwidth_report_json  portNF87478
+{
+   "HTTP_PORT" : "8001",
+   "IS_OVER_QUOTA" : "0",
+   "QUOTA_DIRECTION" : "inout",
+   "SOCKS_PORT" : "5001",
+   "bandwidth_bytes_day_in" : "9.5KB",
+   "bandwidth_bytes_day_out" : "9.6KB",
+   "bandwidth_bytes_lifetime_in" : "3.5MB",
+   "bandwidth_bytes_lifetime_out" : "440KB",
+   "bandwidth_bytes_month_in" : "3.5MB",
+   "bandwidth_bytes_month_out" : "433KB",
+   "bandwidth_bytes_yesterday_in" : "6.0KB",
+   "bandwidth_bytes_yesterday_out" : "4.9KB",
+   "left_to_quota" : null,
+   "port" : "portXrzD",
+   "portName" : "ddddd",
+   "quota" : null,
+   "quota_type" : null
+}
+</code>
+++++
+++++ With arbitrary time interval.|
+<code>
+# proxysmart.sh get_counters_port portID394848 '2023-01-28 18:10' '2023-01-28 19:20:01'
+</code>
+Output:
+<code>
+</code>
+++++
+++++ On all ports at once |
+<code>
+# proxysmart.sh bandwidth_report_all
+{
+    "portfQ48BUlu": {
+        "port": "portfQ48BUlu",
+        "portName": "busy_regard",
+        "bandwidth_bytes_day_in": "3.2 KB",
+        "bandwidth_bytes_day_out": "3.0 KB",
+        "bandwidth_bytes_yesterday_in": "1.3 KB",
+        "bandwidth_bytes_yesterday_out": "1.3 KB",
+        "bandwidth_bytes_month_in": "4.5 KB",
+        "bandwidth_bytes_month_out": "4.3 KB",
+        "bandwidth_bytes_prevmonth_in": 0,
+        "bandwidth_bytes_prevmonth_out": 0,
+        "bandwidth_bytes_lifetime_in": "3.9 KB",
+        "bandwidth_bytes_lifetime_out": "3.7 KB",
+        "quota_type": "",
+        "quota": "",
+        "left_to_quota": "",
+        "IS_OVER_QUOTA": "0",
+        "QUOTA_DIRECTION": "inout"
+    },
+    "port6UpKEM8X": {
+        "port": "port6UpKEM8X",
+        "portName": "talented_blast",
+        "bandwidth_bytes_day_in": "5.3 MB",
+        "bandwidth_bytes_day_out": "71.8 KB",
+        "bandwidth_bytes_yesterday_in": 0,
+        "bandwidth_bytes_yesterday_out": 0,
+        "bandwidth_bytes_month_in": "5.3 MB",
+        "bandwidth_bytes_month_out": "71.8 KB",
+        "bandwidth_bytes_prevmonth_in": 0,
+        "bandwidth_bytes_prevmonth_out": 0,
+        "bandwidth_bytes_lifetime_in": "5.3 MB",
+        "bandwidth_bytes_lifetime_out": "71.8 KB",
+        "quota_type": "",
+        "quota": "",
+        "left_to_quota": "",
+        "IS_OVER_QUOTA": "0",
+        "QUOTA_DIRECTION": "inout"
+    }
+}
+</code>
+++++
+==== 3.3.3. reset bandwidth counter on a port  ====
+ARGS: portID
+++++ JSON output|
+<code>
+# proxysmart.sh   bandwidth_reset_counter  portFIFJNF
+{"result":"success","debug":null}
+</code>
+++++
+---------
+====== 4. WEB API ======
+===== 4.1. Basic info =====
+==== 4.1.1. Web API endpoint   ====
+WEB API endpoint is the URL that Proxysmart WebApp available at.
+It can be
+    *  ''%%LAN_IP:8080%%'' when you call it from the same LAN
+    * ''%%VPS_IP:7001%%'' when you forwardded ports to the Cloud VPS
+    * ''%%STATIC_IP:8080%%'' when you forwarded ports via your LAN router and your ISP gave you STATIC_IP
+Also attach proper username:password (the -u parameter).
+Whenever below you are seeing ''%%localhost:8080%%'', replace it with the actual WEB API endpoint.
+==== 4.1.2. Workflow  ====
+**quick start:**
+  * Populate ''modems'' collection with modems objects
+  * Populate ''ports'' collection with proxy ports objects
+  * for each added modem call 'Apply settings for a modem' WEB API call. It will configure each modem and its ports
+** Detailed start **
+Assume you have given a fresh Proxysmart server with multiple modems, by default each of the modems has generated a ''random'' modem nickname and ''random'' ports on it.
+IMEI is a unique identifier for a modem.
+So, query full status with ''/apix/show_status_json'', gather IMEI's where nicknames are like ''random'', for each of these IMEI do:
+    * generate a unique modem nickname, e.g. "dongle_100" and store modem object with ''/crud/store_modem''
+    * generate proxy ports for the modem, create proxy port objects and store them with ''/crud/store_port''
+    * apply the settings for the modem and for its ports with ''/modem/settings''
+(done)
+**if you edited a modem**
+call 'Apply settings for a modem' WEB API call for the modem.
+** if you edited a port **
+call 'Apply settings for a port' WEB API call for the port (faster)
+or
+call 'Apply settings for a modem' WEB API call for the modem. (slower, affects all modem's ports)
+** if you deleted a port **
+call 'Purge port' WEB API call for the port (faster)
+or
+call 'Apply settings for a modem' WEB API call for the modem. (slower, affects all modem's ports))
+===== 4.2. Modems Actions =====
+==== 4.2.1. Store a modem object in Mongodb  ====
+This call just stores the object. Then you have to call "Apply Settings for a modem".
+It deletes all modem objects with the same IMEI.
+Request:
+<code>
+curl -u proxy:proxy localhost:8080/crud/store_modem --data-raw data='{"IMEI": "123456789012345", "name":"MyModem"}'
+</code>
+++++ Response:|
+<code>
+{
+  "result": "success"
+}
+</code>
+++++
+**Mandatory Fields**
+  * IMEI - 15 digits
+  * name - a Nickname of the modem
+**Optional Fields**
+  * TARGET_MODE - the mode, one of ( 3g /  4g / auto / default ) the mode will work in.
+  * AUTO_IP_ROTATION - how often to rotate the IP on the modem (minutes)
+  * PHONE_NUMBER - arbitrary field for setting phone number just for your information ) e.g. "+1111111111"
+  * NOTES - arbitrary string for some info about the modem.
+  * WAN_APN -   for LTE modules, APN to be set during bringing up the modem online, if correct APN can't be detected automatically. E.g. "my.cool.apn.com"
+  * mtu - set MTU fix for the modem, e.g. ''1400''
+  * MUTE_ALERTS - 0 or 1, if mute alerts about this modem
+Example 1, only mandatory fields.
+<code>
+{
+  "IMEI": "862329041087714",
+  "name": "dongle2"
+}
+</code>
+Example 2, mandatory + optional  fields.
+<code>
+{
+  "IMEI": "862329041087719",
+  "name": "dongle21",
+  "AUTO_IP_ROTATION": 10,
+  "PHONE_NUMBER": "+1111111111",
+  "TARGET_MODE": "4g",
+  "WAN_APN": "internet",
+  "mtu": 1400
+}
+</code>
+==== 4.2.2. Apply settings for a modem  ====
+Request:
+<code>
+curl http://localhost:8080/modem/settings -d imei=862329099999999 -u proxy:proxy
+</code>
+++++Response:|
+<code>
+{
+  "message": "Result: success, message: applied",
+  "success": true
+}
+</code>++++
+==== 4.2.3. List all modems  ====
+Request:
+<code>
+curl 'http://localhost:8080/apix/show_status_json' -u proxy:proxy
+</code>
+++++Response:|
+<code>
+[
+  {
+    "MSG": "",
+    "N": 1,
+    "IS_LOCKED": "false",
+    "modem_details": {
+      "NICK": "ddddddd",
+      "IMEI": "940010000000001",
+      "MODEL": "bproxy",
+      "MODEL_SHOWN": "bproxy",
+      "HUB_ID": "",
+      "HUB_PORT": "",
+      "UPTIME": "",
+      "UDEV_UPTIME": "",
+      "PHONE_NUMBER": "",
+      "AT_PORT": "",
+      "ADDED_TIME": "11.966667 minutes",
+      "REBOOT_SCORE": "0"
+    },
+    "net_details": {
+      "DEV": "bproxy1",
+      "GW": "server.org:3128",
+      "LOCAL_IP": "127.0.0.1",
+      "LOCAL_IP6": "",
+      "EXT_IP": "167.172.59.39",
+      "EXT_IPV6": "2a03:b0c0:1:d0::1192:f001",
+      "IS_ONLINE": "yes",
+      "CurrentNetworkType": "",
+      "SimStatus": "",
+      "ICCID": "",
+      "ConnectionStatus": "",
+      "workmode": "",
+      "SIGNAL_STRENGTH": "",
+      "CELLOP": "DigitalOcean, LLC",
+      "VALDIK": "Detected OS = Linux 2.2.x-3.x [generic];MTU = 1500;Distance = 9;PTR = pathos.tanatos.org;PTR test = Probably server user;Fingerprint and OS match. No proxy detected ;No OpenVPN detected.",
+      "BAND": "",
+      "APN": "",
+      "HTTP_REDIRECT_IMPOSED": ""
+    },
+    "proxy_creds": {
+      "HTTP_PORT": 30001,
+      "SOCKS_PORT": null,
+      "LOGIN": "def294246",
+      "PASS": "def294246",
+      "PROXYSTDLINE_HTTP": "127.0.0.1:30001:def294246:def294246",
+      "PROXYSTDLINE_SOCKS": "",
+      "VPN_USERS": [],
+      "VPN_USERS_ONLINE": []
+    },
+    "android": {
+      "battery": null,
+      "version": null
+    },
+    "RESET_SECURE_LINK": {
+      "URL": "http://i.org:7001/apix/reset_ip_secure?hash=KNQWY5DFMRPV74XDCJ5XV6OWRIWV46HM3QJ6GKR46JD6ZMV5EPPDUAIB5IUFR447JCEZO2BJC7UIG5LC2W2HD3DYERZZLSJNZJSI3EI=",
+      "VALID_UNTIL": "2028-10-17@11:31:45 +03"
+    }
+  },
+  {
+    "MSG": "",
+    "N": 17,
+    "IS_LOCKED": "false",
+    "modem_details": {
+      "NICK": "sierra",
+      "IMEI": "353990074165890",
+      "MODEL": "DW5811e",
+      "MODEL_SHOWN": "DW5811e",
+      "HUB_ID": "2-1",
+      "HUB_PORT": "",
+      "UPTIME": "unknown",
+      "UDEV_UPTIME": "77382",
+      "PHONE_NUMBER": "",
+      "AT_PORT": "/dev/ttyUSB2",
+      "ADDED_TIME": "9.6333333 minutes",
+      "REBOOT_SCORE": "0"
+    },
+    "net_details": {
+      "DEV": "wwan_modem17",
+      "GW": "10.54.117.97",
+      "LOCAL_IP": "10.54.117.96",
+      "LOCAL_IP6": "",
+      "EXT_IP": "178.163.151.102",
+      "EXT_IPV6": "",
+      "IS_ONLINE": "yes",
+      "CurrentNetworkType": "WCDMA",
+      "SimStatus": "READY",
+      "ICCID": "8937501200200347057",
+      "ConnectionStatus": "OK connected",
+      "workmode": "WCDMA",
+      "SIGNAL_STRENGTH": "RSSI:-77dBm",
+      "CELLOP": "A1 BY",
+      "VALDIK": "Detected OS = Linux 2.2.x-3.x [generic];MTU = 1400;Network link = Probably IPsec or other VPN;Distance = 9;PTR test = Probably home user;Fingerprint and OS match. No proxy detected ;No OpenVPN detected.",
+      "BAND": "wcdma-900",
+      "APN": "internet",
+      "HTTP_REDIRECT_IMPOSED": ""
+    },
+    "proxy_creds": {
+      "HTTP_PORT": 30041,
+      "SOCKS_PORT": null,
+      "LOGIN": "def294246",
+      "PASS": "def294246",
+      "PROXYSTDLINE_HTTP": "127.0.0.1:30041:def294246:def294246",
+      "PROXYSTDLINE_SOCKS": "",
+      "VPN_USERS": [],
+      "VPN_USERS_ONLINE": []
+    },
+    "android": {
+      "battery": null,
+      "version": null
+    },
+    "RESET_SECURE_LINK": {
+      "URL": "http://i.org:7001/apix/reset_ip_secure?hash=KNQWY5DFMRPV6YBVYPNMAKNADEBKVOIHJLN6P4E3LBARXMXPRAIYRAFCVROUURJWLDFGC6AVRT2KFDRKJLCYPKBBC5B44YNZTK64SFI=",
+      "VALID_UNTIL": "2028-10-17@11:31:53 +03"
+    }
+  }
+]
+</code>
+++++
+==== 4.2.4. Single modem status  ====
+Request:
+( either by IMEI or Nickname )
+<code>
+curl http://localhost:8080/apix/show_single_status_json?arg=dongle111    -u proxy:proxy
+curl http://localhost:8080/apix/show_single_status_json?arg=899999999999999    -u proxy:proxy
+</code>
+++++ Response:|
+<code>
+[
+   {
+      "IS_LOCKED" : "false",
+      "MSG" : "",
+      "N" : "17",
+      "android" : {
+         "battery" : null,
+         "version" : null
+      },
+      "modem_details" : {
+         "ADDED_TIME" : "11.55 minutes",
+         "AT_PORT" : "/dev/ttyUSB2",
+         "HUB_ID" : "2-1",
+         "HUB_PORT" : "",
+         "IMEI" : "353990074165890",
+         "MODEL" : "DW5811e",
+         "MODEL_SHOWN" : "DW5811e",
+         "NICK" : "sierra",
+         "PHONE_NUMBER" : "",
+         "REBOOT_SCORE" : "0",
+         "UDEV_UPTIME" : "77497",
+         "UPTIME" : "unknown"
+      },
+      "net_details" : {
+         "APN" : "internet",
+         "BAND" : "wcdma-900",
+         "CELLOP" : "A1 BY",
+         "ConnectionStatus" : "OK connected",
+         "CurrentNetworkType" : "WCDMA",
+         "DEV" : "wwan_modem17",
+         "EXT_IP" : "18.13.151.102",
+         "EXT_IPV6" : "",
+         "GW" : "10.54.117.97",
+         "HTTP_REDIRECT_IMPOSED" : "",
+         "ICCID" : "8937501209999947057",
+         "IS_ONLINE" : "yes",
+         "LOCAL_IP" : "10.54.117.96",
+         "LOCAL_IP6" : "",
+         "SIGNAL_STRENGTH" : "RSSI:-69dBm",
+         "SimStatus" : "READY",
+      },
+   }
+]
+</code> ++++
+==== 4.2.5. Reset (change) IP on a modem.  ====
+Request:
+( either by IMEI or Nickname )
+<code>
+curl http://localhost:8080/apix/reset_modem_by_imei?IMEI=899999999999999 -u proxy:proxy
+curl http://localhost:8080/apix/reset_modem_by_nick?NICK=dongle22 -u proxy:proxy
+</code>
+++++ Response:|
+<code>
+{
+   "debug" : "...",
+   "ext_ip" : "46.216.248.48",
+   "message" : "external ip changed from 46.216.225.112 to 46.216.248.48",
+   "result" : "success"
+}
+</code>
+++++
+==== 4.2.6. Reboot a modem  ====
+Request:
+( either by IMEI or Nickname )
+<code>
+curl http://localhost:8080/apix/reboot_modem_by_imei?IMEI=860493043888886 -u proxy:proxy
+curl http://localhost:8080/apix/reboot_modem_by_nick?NICK=dongle2 -u proxy:proxy
+</code>
+++++ Response:|
+<code>
+{
+   "debug" : "...",
+   "message" : "new external ip cannot be detected",
+   "result" : "failure"
+}
+</code>
+or
+<code>
+{
+   "debug" : "...",
+   "ext_ip" : "172.58.172.255",
+   "message" : "external ip changed from 172.58.172.251 to 172.58.172.255",
+   "result" : "success"
+}
+</code>
+++++
+ETA: ~ 1.5 minute
+==== 4.2.7. Get IP rotations log for a modem  ====
+Request - by Nickname - by IMEI
+<code>
+curl localhost:8080/apix/get_rotation_log?arg=899999999999999  -u proxy:proxy
+curl localhost:8080/apix/get_rotation_log?arg=dongle2          -u proxy:proxy
+</code>
+++++Response:|
+<code>
+[
+  {
+    "start_time": "2022-08-10@19:29:38",
+    "end_time": "2022-08-10@19:29:49",
+    "total_time": "10",
+    "old_ip": "4.26.28.14",
+    "new_ip": "4.26.28.13",
+    "target_mode": "auto"
+  },
+  {
+    "start_time": "2022-08-10@19:29:54",
+    "end_time": "2022-08-10@19:30:04",
+    "total_time": "9",
+    "old_ip": "4.26.248.13",
+    "new_ip": "4.26.152.10",
+    "target_mode": "auto"
+  }
+]
+</code>++++
+==== 4.2.8. Reset a modem via USB  ====
+Request either - by network interface e.g. modem77 - by Nickname - by IMEI
+<code>
+curl localhost:8080/apix/usb_reset_modem_json?arg=modem77      -u proxy:proxy
+curl localhost:8080/apix/usb_reset_modem_json?arg=dongle22      -u proxy:proxy
+curl localhost:8080/apix/usb_reset_modem_json?arg=868888888888889      -u proxy:proxy
+</code>
+++++Response:|
+<code>
+{
+  "USB_RESET_METHOD": "uhubctl",
+  "debug": "......",
+  "result": "ok"
+}
+</code>++++
+==== 4.2.9. Run speedtest on a modem   ====
+Request: by modem Nickname or IMEI :
+<code>
+curl localhost:8080/apix/speedtest?arg=dongle22             -u proxy:proxy
+curl localhost:8080/apix/speedtest?arg=868888888888889      -u proxy:proxy
+</code>
+Response:
+<code>
+{
+  "debug": null,
+  "download": "52.79mbps",
+  "msg": null,
+  "ping": "164.758ms",
+  "share": null,
+  "upload": "149.85mbps"
+}
+</code>
+===== 4.3. Ports Actions =====
+==== 4.3.1. Store a port object in Mongodb  ====
+This call just stores the object. Then you have to call "Apply Settings for a port".
+Request:
+<code>
+curl -u proxy:proxy localhost:8080/crud/store_port --data-raw data='{"IMEI": "353990074165890", "portID":"lel9999", "portName":"yyyyyyyy", "proxy_password":"aaaaaaaaa", "proxy_login":"aaaaaaaaaa", "http_port":8005, "socks_port": 5005}'
+</code>
+++++ Response:|
+<code>
+{
+  "result": "success"
+}
+</code>
+++++
+**Mandatory fields :**
+  * IMEI: IMEI of the modem to attach the port to,  e.g. ''862329041087719''
+  * portID: unique port ID, for existing ports, use existing value. For new ports, construct it like 'port' + at least 6 alphanumeric chars, e.g. ''portFj7H36sd1''
+  * portName: arbitrary port name, e.g. ''Customer Cool''
+  * proxy_login: Proxy login, e.g. ''kileq'', length is larger than 5.
+  * proxy_password: Proxy password, e.g. ''Jdh27dh'' , length is larger than 5.
+  * http_port: Http port, e.g. 8005 , Must be 8001-8999
+  * socks_port: Socks5 port, e.g. 5005 , Must be 5001-5999
+**Optional fields :**
+  * DENIED_SITES_ENABLE - if 1 , then apply DENIED_SITES_LIST , see below
+  * DENIED_SITES_LIST - array of denied sites. Applied if DENIED_SITES_ENABLE is "1".
+  * bw_quota : bandwidth quota in MB
+  * QUOTA_TYPE can be daily/monthly/lifetime. Latter means you allocate the quota forever till its over quota
+  * IP_MODE: can be :
+    * 4 : ipv4 only
+    * 6 : ipv6 only
+    * 46 : prefer ipv4 but also allow ipv6
+    * 64 : prefer ipv6 but also allow ipv4
+    * null : leave default
+  * PROXY_VALID_BEFORE:  expiry date in format  "2026-02-22T12:54"
+  * CREATED_AT: datetime when port was created in format  "2026-02-22T12:54"
+  * MAXCONN: max allowed connections
+  * CONNLIM: allow this number of new connections within 60 seconds
+  * bandlimin: download speed (megabits per second, mbps)
+  * bandlimout: upload speed (megabits per second, mbps)
+  * OS - destination TCP normalized OS fingerprint, can be
+    * (empty or absent field) No altering
+    * "android:1"  Android, slow
+    * "android:3"  real Android, almost like Linux
+    * "macosx:3"   macosx:3
+    * "macosx:4"   real MacOSX 12.6 / iPhone 13 Pro Max
+    * "ios:1"      ios:1, slow
+    * "ios:2"      ios:2, real Iphone
+    * "windows:1"  real Windows 10
+  * white_list - array of whitelisted customers' IP's (so proxy access for them is password-less)
+Example 1, only mandatory fields.
+<code>
+{
+  "portID": "portO39458fh",
+  "IMEI": "862329041087719",
+  "portName": "PEPA",
+  "http_port": "8005",
+  "socks_port": "5005",
+  "proxy_login": "kileq",
+  "proxy_password": "Jdh27dh"
+}
+</code>
+Example 2, mandatory + optional  fields.
+<code>
+{
+  "portID": "portQ73fhs764g",
+  "portName": "DEDA",
+  "IMEI": "862329041087719",
+  "MAXCONN": 100,
+  "CONNLIM": 100,
+  "DENIED_SITES_ENABLE": 1,
+  "DENIED_SITES_LIST": [
+    "bad.com",
+    "porn.com"
+  ],
+  "PROXY_VALID_BEFORE": "2028-02-22T12:54",
+  "IP_MODE": "46",
+  "OS": "ios:2",
+  "bandlimin": "10",
+  "bandlimout": "10",
+  "bw_quota": 200,
+  "QUOTA_TYPE": "monthly",
+  "http_port": "8004",
+  "proxy_login": "mokos",
+  "proxy_password": "rQ1h6J",
+  "socks_port": "5004",
+  "white_list": [
+    "192.168.0.0/16",
+    "78.140.162.201",
+    "78.140.162.202"
+  ]
+}
+</code>
+==== 4.3.2. Apply settings for a port  ====
+Args: portID
+Request:
+<code>
+curl http://localhost:8080/apix/apply_port?arg=port029348 -u proxy:proxy
+</code>
+++++Response:|
+<code>
+{
+  "msg": "success",
+  "result": "ok"
+}
+</code>++++
+==== 4.3.3. List all active ports  ====
+Request:
+<code>
+curl http://localhost:8080/apix/list_ports_json -u proxy:proxy
+</code>
+++++ Response:|
+<code>
+{
+  "358888888888890": [
+    {
+      "HTTP_PORT": "8001",
+      "IS_EXPIRED": 0,
+      "IS_OVER_QUOTA": 0,
+      "LOGIN": "N9999999",
+      "PASSWORD": "l8888-Gd",
+      "PROXY_VALID_BEFORE": "",
+      "RESET_SECURE_LINK": {
+        "URL": "http://i.org:7001/apix/reset_ip_secure?hash=KNQWY5DFMRPV7AR2KLHJQAIBL6H2MKF2JLEUNOZLIOJQ7KATN3S74QR7PYCWM3JWX4PJVQUZNGL6I===",
+        "VALID_UNTIL": "2029-03-07@20:47:51 +03"
+      },
+      "SOCKS_PORT": "5001",
+      "http_creds": "http://NVX_MhO9:[email protected]:8001",
+      "portID": "portXrzD",
+      "portName": "ddddd",
+      "redirector": {
+        "ActiveState": "active",
+        "NRestarts": 36,
+        "SubState": "running",
+        "UPTIME": "-1 d, 22 h, 14 m, 5 s."
+      },
+      "socks5_creds": "socks5://NVX_MhO9:[email protected]:5001"
+    },
+    {
+      "HTTP_PORT": "8009",
+      "IS_EXPIRED": 0,
+      "IS_OVER_QUOTA": 0,
+      "LOGIN": "EQAXGXOO",
+      "PASSWORD": "TTcbUlMK",
+      "PROXY_VALID_BEFORE": "",
+      "RESET_SECURE_LINK": {
+        "URL": "http://i.org:7001/apix/reset_ip_secure?hash=KNQWY5DFMRPV6V3NBPEKDNNXLHRQZ6TTY52BYKCWAQD35UUR7HZSG3QWAL3G5BKHY5KFHHUMIZCWK===",
+        "VALID_UNTIL": "2029-03-07@20:47:51 +03"
+      },
+      "SOCKS_PORT": "5009",
+      "http_creds": "http://EQAXGXOO:[email protected]:8009",
+      "portID": "portewH_",
+      "portName": "moldy_assistant",
+      "redirector": {
+        "ActiveState": "active",
+        "NRestarts": 36,
+        "SubState": "running",
+        "UPTIME": "-1 d, 23 h, 14 m, 5 s."
+      },
+      "socks5_creds": "socks5://EQAXGXOO:[email protected]:5009"
+    }
+  ]
+}
+</code>
+++++
+==== 4.3.4. Get available TCP ports   ====
+Available in Proxysmart v2.3+
+Get a list of Free TCP ports for farther usage in Http or Socks port creation.
+Request:
+<code>
+curl 'http://localhost:8080/apix/get_free_tcp_ports'  -u proxy:proxy
+</code>
+++++Response:|
+<code>
+[
+,
+,
+  ..SKIP..
+,
+]
+</code>++++
+==== 4.3.5. Purge a port   ====
+    * it deletes the port object from the DB
+    * it stops its proxies
+Args: portID
+Request:
+<code>
+curl http://localhost:8080/apix/purge_port?arg=port029348 -u proxy:proxy
+</code>
+++++Response:|
+<code>
+{
+  "msg": "ok",
+  "result": "ok"
+}
+</code>++++
+==== 4.3.6. Get Top hosts from a modem  ====
+By PORTID
+Request:
+<code>
+curl localhost:8080/apix/top_hosts?arg=port2847472 -u proxy:proxy
+</code>
+++++ Response:|
+<code>
+{
+  "bbc.com": 10,
+  "gmail.com": 20
+}
+</code>
+++++
+==== 4.3.7. Read bandwidth stats from a port  ====
+Args: porID
+Request:
+<code>
+curl localhost:8080/apix/bandwidth_report_json?arg=portJFJHFHJ -u proxy:proxy
+</code>
+++++Response:|
+<code>
+{
+   "HTTP_PORT" : "8001",
+   "IS_OVER_QUOTA" : "0",
+   "QUOTA_DIRECTION" : "inout",
+   "SOCKS_PORT" : "5001",
+   "bandwidth_bytes_day_in" : "9.5KB",
+   "bandwidth_bytes_day_out" : "9.6KB",
+   "bandwidth_bytes_lifetime_in" : "3.5MB",
+   "bandwidth_bytes_lifetime_out" : "440KB",
+   "bandwidth_bytes_month_in" : "3.5MB",
+   "bandwidth_bytes_month_out" : "433KB",
+   "bandwidth_bytes_yesterday_in" : "6.0KB",
+   "bandwidth_bytes_yesterday_out" : "4.9KB",
+   "left_to_quota" : null,
+   "port" : "portXrzD",
+   "portName" : "ddddd",
+   "quota" : null,
+   "quota_type" : null
+}
+</code>++++
+**With arbitrary time interval:**
+ARGS: portID, start time, end time.
+Request:
+<code>
+curl -G http://localhost:8080/apix/get_counters_port -X GET -d PORTID=portKFJKJKDD --data-urlencode 'START=2023-01-28 18:10' --data-urlencode 'END=2023-01-28 19:20:01' -u proxy:proxy
+</code>
+++++ Response:|
+<code>
+{ "in": "1101534", "out": "2158378" }
+</code>++++
+==== 4.3.8. Read bandwidth stats from all ports  ====
+Available only in Proxysmart **v2.3+**
+Request:
+<code>
+curl localhost:8080/apix/bandwidth_report_all -u proxy:proxy
+</code>
+++++Response:|
+<code>
+{
+    "portfQ48BUlu": {
+        "port": "portfQ48BUlu",
+        "portName": "busy_regard",
+        "bandwidth_bytes_day_in": "3.2 KB",
+        "bandwidth_bytes_day_out": "3.0 KB",
+        "bandwidth_bytes_yesterday_in": "1.3 KB",
+        "bandwidth_bytes_yesterday_out": "1.3 KB",
+        "bandwidth_bytes_month_in": "4.5 KB",
+        "bandwidth_bytes_month_out": "4.3 KB",
+        "bandwidth_bytes_prevmonth_in": 0,
+        "bandwidth_bytes_prevmonth_out": 0,
+        "bandwidth_bytes_lifetime_in": "3.9 KB",
+        "bandwidth_bytes_lifetime_out": "3.7 KB",
+        "quota_type": "",
+        "quota": "",
+        "left_to_quota": "",
+        "IS_OVER_QUOTA": "0",
+        "QUOTA_DIRECTION": "inout"
+    },
+    "port6UpKEM8X": {
+        "port": "port6UpKEM8X",
+        "portName": "talented_blast",
+        "bandwidth_bytes_day_in": "5.3 MB",
+        "bandwidth_bytes_day_out": "71.8 KB",
+        "bandwidth_bytes_yesterday_in": 0,
+        "bandwidth_bytes_yesterday_out": 0,
+        "bandwidth_bytes_month_in": "5.3 MB",
+        "bandwidth_bytes_month_out": "71.8 KB",
+        "bandwidth_bytes_prevmonth_in": 0,
+        "bandwidth_bytes_prevmonth_out": 0,
+        "bandwidth_bytes_lifetime_in": "5.3 MB",
+        "bandwidth_bytes_lifetime_out": "71.8 KB",
+        "quota_type": "",
+        "quota": "",
+        "left_to_quota": "",
+        "IS_OVER_QUOTA": "0",
+        "QUOTA_DIRECTION": "inout"
+    }
+}
+</code>++++
+==== 4.3.9. Reset bandwidth stats for a port  ====
+Request (by portID ):
+<code>
+curl localhost:8080/apix/bandwidth_reset_counter?arg=portJKJKDHJ83  -u proxy:proxy
+</code>
+Response:
+<code>
+{"result":"success","debug":null}
+</code>
+==== 4.3.10. Download Openvpn profiles  ====
+For each port you can download an Openpn profile.
+<code>
+curl localhost:8080/get_vpn_profile/port2834hfhsf.ovpn
+</code>
+Where port2834hfhsf is ''portID''
+Note, this URL doesn't require authentication, so it can be passed to the customer.
+The sole Ovpn profile file is not sufficient for connection - it will require a login and a password.
+===== 4.4. Other =====
+==== 4.4.1. Export backup  ====
+Request:
+<code>
+curl -u proxy:proxy localhost:8080/crud/backup_export
+</code>
+++++ Response:|
+<code>
+{
+  "modems_collection": [
+    {
+      "IMEI": "920000000000002",
+      "name": "dddddddddd"
+    }
+  ],
+  "ports_collection": [
+    {
+      "IMEI": "920000000000002",
+      "portID": "portnqIj",
+      "portName": "Port_dddddddddd",
+      "http_port": "8001",
+      "socks_port": "5001",
+      "proxy_login": "yyyyyyyy",
+      "proxy_password": "yyyyyyyyyyyy",
+      "DENIED_SITES_ENABLE": 0
+    }
+  ],
+  "local_settings": {
+    "lan_modems": [
+      {
+        "gw": "192.168.8.8",
+        "dev": "lanmodem1"
+      },
+      {
+        "gw": "192.168.8.9",
+        "dev": "lanmodem2"
+      }
+    ]
+  }
+}
+</code>
+++++
+==== 4.4.2. Getting current Backend Proxies (virtual modems)  ====
+Request:
+<code>
+curl -u proxy:proxy localhost:8080/crud/backend_proxies -X GET --header "Content-Type: application/json"
+</code>
+++++ Response:|
+<code>
+[
+  {
+    "creds": "http://MyLogin:MyPass@MyProxyHost1:3128",
+    "id": "bproxy1",
+    "ip_reset": "http://MyProxyHost1/reset1"
+  },
+  {
+    "creds": "http://MyLogin:MyPass@MyProxyHost2:3128",
+    "id": "bproxy2"
+  }
+]
+</code>
+++++
+==== 4.4.3. Getting current LAN modems list  ====
+Request:
+<code>
+curl -u proxy:proxy localhost:8080/crud/lanmodems -X GET --header "Content-Type: application/json"
+</code>
+++++ Response:|
+<code>
+[
+  {
+    "dev": "lanmodem3",
+    "gw": "192.168.8.3"
+  },
+  {
+    "dev": "lanmodem2",
+    "gw": "192.168.8.2"
+  }
+]
+</code>
+++++
+==== 4.4.4. Storing Backend Proxies (virtual modems)  ====
+Request:
+<code>
+curl -u proxy:proxy localhost:8080/crud/backend_proxies -X POST --header "Content-Type: application/json" -d \
+  '[
+    {
+    "id" : "bproxy1" ,
+    "creds" : "http://MyLogin:MyPass@MyProxyHost1:3128" ,
+    "ip_reset": "http://MyProxyHost1/reset1"
+    },
+    {
+    "id" : "bproxy2" ,
+    "creds" : "http://MyLogin:MyPass@MyProxyHost2:3128"
+    }
+  ]'
+</code>
+    * id: a string like "bproxy" + number
+    * creds: credentials in format ''%%protocol://login:password@host:port%%''
+    * ip_reset: (optional) Ip reset link
+++++ Response:|
+<code>
+{
+  "message": "",
+  "result": "success"
+}
+</code>
+++++
+==== 4.4.5. Storing LAN modems  ====
+Request:
+<code>
+curl -u proxy:proxy localhost:8080/crud/lanmodems -X POST --header "Content-Type: application/json" -d \
+  '[
+      {
+        "dev": "lanmodem3",
+        "gw": "192.168.8.3"
+      },
+      {
+        "dev": "lanmodem2",
+        "gw": "192.168.8.2"
+      }
+  ]'
+</code>
+    * dev: a string like "lanmodem" + number
+    * gw: the LAN modem's IP address
+++++ Response:|
+<code>
+{
+  "message": "",
+  "result": "success"
+}
+</code>
+++++
+==== 4.4.6. Report IP uniquness  ====
+Request:
+<code>
+curl localhost:8080/apix/unique_ips_json -u proxy:proxy
+</code>
+++++ Response:|
+<code>
+{
+  "DAYS": 14,
+  "MAX_REPEATS": 50,
+  "TOTAL_ROTATIONS": 7,
+  "UNIQUE_IPS": 7,
+  "NON_UNIQUE_IPS": 0,
+  "UNIQUE_IPS_PERCENT": 100,
+  "NON_UNIQUE_IPS_PERCENT": 0,
+  "TXT": "\nIP Uniqueness report:\n\nOf past 14 days.\nA Unique IP is an IP that was encountered less than 50 times during the reported period.\nTotal IP rotations on all devices: 7\nUnique IP rotations: 7 (100%)\nNon Unique IP rotations: 0 (0%)\n"
+}
+</code>
+++++
+==== 4.4.7. Report Shop usage   ====
+(only for Proxysmart v2.4+ with enabled Multishop feature)
+Request options are:
+  * ''SHOP'' is a shop username
+  * ''PERIOD'' is day/yesterday/week/prevweek/month/prevmonth/lifetime
+Response fields are:
+  * bw_in, bw_out, bw_total -- Download, Upload, Download+Upload in Bytes.
+  * modems_hours : number of modems\*hours (like manhours but for modems)
+  * lease_periods: Start and End of leasing modems
+Can be called by a Shop itself or by a Admin.
+Request:
+<code>
+curl 'http://localhost:8080/apix/shop_report/SHOP/PERIOD' -u proxy:proxy
+</code>
+++++Response:|
+<code>
+{
+    "period": "day",
+    "usage": {
+        "modems_hours": 13.583333333333334,
+        "lease_periods": [
+            [
+                "2026-01-15 00:00:00",
+                "modem_940010000000002",
+                {
+                    "Window": [
+                        "00:00 15.01.2026",
+                        "13:35 15.01.2026"
+                    ]
+                },
+                "start"
+            ],
+            [
+                "2026-01-15 13:35:00",
+                "modem_940010000000002",
+                {
+                    "Window": [
+                        "00:00 15.01.2026",
+                        "13:35 15.01.2026"
+                    ]
+                },
+                "end"
+            ]
+        ],
+        "bw_in": 10043.0,
+        "bw_out": 11946.0,
+        "bw_total": 21989.0
+    }
+}
+</code>++++
+==== 4.4.8. Common Status   ====
+Request:
+<code>
+curl -u proxy:proxy localhost:8080/modem/common_status
+</code>
+++++ Response:|
+<code>
+{
+  "EXT_IP": "",
+  "EXT_IP6": "",
+  "HOSTNAME": "HP-EliteDesk-CoolSetup",
+  "IPV6_SUPPORT": 0,
+  "LAN_IP": "192.168.99.26",
+  "P_public_ssh_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDJiLhwSdu2eu0ml8GGM5gFLZBRqakC1ONEbUCaYyBso/H2iwpBY2mugKN7fv+XOnLOkDR6mgiOAb2XCtytEVdPYGtYdxCzbYsxvdLnwT6WAxiEW1nRvWdH6IpIEhWaCzPehDf+cu/YVQRJc1baEjwvur6tXfYHRT3V23BLKB+zVY7su8Z+7K/z5rVZSjjjv7k8euirP8b5LMfTCCVOUIxBv4FkP+G988MuSQ6Mdb7tsHZKvrJ6QHq5zAkwcs+7vnG1cUpkyL2US3YYe4OJFo8SqD2nnksXZWRSca/VJ7ltU5/lXUnrVGrQSSszwsqU9zxAUpZgBhXdaQ2keBczEXOhiucMOysIXWpnpKAEsvDl6W0tU+HRAe/HIqTMQ0/FJ1xW1lzqcrUJ0i2D2sAHDxX+YnN4YrSyZkoQ16amJxb5DyDOx9VH6kTnWKr0kCA0kryUKKoifWiLU6GIH/sZJWpbjAJN6iIsT7FvI7FGjzQDZje0KP4uoxls+xtlPUu9Zz8= proxysmartPUBkey@e130 2026-02-06@14:34:28",
+  "count_connections": 37,
+  "country": "France",
+  "country_code": "FR",
+  "devices": 1,
+  "multishop": true,
+  "region_name": "Paris",
+  "reset_complete_done": true,
+  "reset_complete_failed_reason": "",
+  "role": "admin",
+  "settings": {
+    "HTTP_PORT_MAX": 8799,
+    "HTTP_PORT_MIN": 8701,
+    "SOCKS_PORT_MAX": 5799,
+    "SOCKS_PORT_MIN": 5701
+  },
+  "version": "2.4-202603121111+gitv2.4+fd5a437a~ubuntu26.04"
+}
+</code>
+++++
+Notes on the response
+  * ''devices'' is the number of physically attached devices (modems).
+  * On Proxysmart v2.4, ''role'' is either ''admin'' or ''shop''
+  * On Proxysmart v2.4, if  ''multishop'' is ''true'' then Multishop is activated.
+  * ''reset_complete_done'' indicates if the system is ready, if it is not, the reason is ''reset_complete_failed_reason''
+  * The system won't allow creating proxies with ports outside of ''(HTTP|SOCKS)_PORT_(MIN|MAX)''
+---------
+====== 7. License ======
+==== 1. Demo license ====
+Installation is shipped with default **demo** license.
+It allows you to run proxy on 1 modem.
+In order to run more modems, buy a License.
+==== 2. Requesting a License ====
+=== 2.1. Get the machine data ===
+**Method1. From the WebApp:**
+  * Open the proxysmart WebApp at ''http:%%//%%localhost:8080'' or ''http:%%//%%LAN_IP:8080''
+  * Scroll down to the Machine Data text.
+  * Copy **MachineData** value to the Clipboard.
+**Method2. From the CLI:**
+  * Open terminal
+  * Run **sudo proxysmart.sh license_status**
+  * Copy **machine_data** value
+=== 2.2. Contact Sales Team ===
+Send the copied value to [[https://proxysmart.org|proxysmart.org]]
+==== 2. License installation ====
+You will be given the **license** and **license signature**. Both are sequences of numbers and characters. Then submit both either via WebApp or CLI:
+**submitting via WebApp**
+Open the WebApp , ''http:%%//%%localhost:8080'' , expand License section and type in the keys & submit both.
+**submitting via CLI**
+run commands
+<code>
+proxysmart.sh submit_license LICENSE
+proxysmart.sh submit_license_signature LICENSE_SIGNATURE
+</code>
+==== 3. Restoring Demo license. ====
+If your paid license expired or broken, restore DEMO license
+**Method1. From the WebApp:**
+  * Open the Proxysmart WebApp at ''http:%%//%%localhost:8080'' or ''http:%%//%%LAN_IP:8080''
+  * click Restore Demo License.
+**Method2. From the console:**
+run ''%%sudo cp -v  /usr/share/proxysmart/demo/license.txt* /etc/proxysmart/%%''
+==== 4. Upgrading license ====
+The idea:
+    * When adding modems, you only pay of the remaining time of the license
+    * When approaching license end, upgrade price is lower
+The case:
+    * You bought a license for 50 modems / 1 year :  USD 416
+    * 8 months past, 4 months remained
+    * You want to add +20 modems
+    * New price of 70 modems / 1 year :  USD 550.4
+    * Time factor: 4 month / 12 month =  .33
+    * Difference between old price and new price : USD 134.400
+    * The difference with applied Time factor: USD 134.400 * 0.3333333333
+    * total to be paid: **USD 44.8**
+Or simple formula:
+''( New_price - Old_price ) * ( Tr / T  )''
+where:
+  * ''Tr''  - remaining number months to the end of license
+  * ''T''   - number of months of the original licence
+----------
+====== 8. FAQ and Troubleshooting. ======
+===== 8.1. Basic info =====
+==== 8.1.1. How to use proxies  ====
+  * If proxy ports are forwarded via remote cloud VPS: then the proxies can be used from all over the Internet, by that VPS IP and proxy port numbers.
+  * From the same LAN where multimodem server is located: by the server’s LAN IP and proxy port numbers.
+==== 8.1.2. Reconfigure all modems & proxies.  ====
+Method1. Click the button "Reset Complete" on the main screen of the WebApp in the bottom.
+Method2. In linux console, run: ''%%proxysmart.sh reset_complete%%''
+Also it is done after reboot automatically by a Cron job.
+==== 8.1.3. Where is WebApp  ====
+One of
+  * http:%%//%%localhost:8080/
+  * http:%%//%%LAN_IP:8080/
+  * http:%%//%%VPS_IP:7001/
+==== 8.1.4. UDP support on Socks5 proxies, for QUIC / HTTP/3.0  ====
+On **Proxysmart 2.3+**  it is enabled by default.
+It is needed for proper work of HTTP/3.0 which uses UDP.
+QUIC (UDP over socks5) will work either in your LAN or via a VPS. Steps are below.
+=== Steps on VPS : ===
+Make sure you finished the **Cloud VPS setup part**, with Ansible
+<code>
+cd /root/proxysmart-vps/
+nano vars.txt
+</code>
+- set ''vps_socks5_udp:  1''
+Save the file (press ''Control O'') and exit the editor (''Control x'')
+Run Ansible again
+<code>
+ansible-playbook ./proxysmart-vps.yml
+</code>
+=== Steps on Proxysmart server : ===
+set in ''%%WebApp->GlobalSettings%%'' -> ''%%QUIC_SUPPORT%%'' : On.
+and reboot or reconfigure all proxies (run ''%%proxysmart.sh reset_complete%%'' ).
+Note: make sure the VPS has enough RAM, each proxy needs 50MB of RAM. Also add swap if needed.
+==== 8.1.5. I want to add extra users on a modem  ====
+In the WebApp, create more ports on the modem, each port means a dedicated proxy.
+==== 8.1.6. How to set extra settings for a proxy port.  ====
+Those are optional and are set in the WebApp
+  * WHITELIST - allowed customers IP’s who are not required to type in proxy password (IP-based auth).
+  * bandwidth (speed) limit. Values are in mbps (megabits per second).
+  * DENIED_SITES_ENABLE (on/off) and DENIED_SITES_LIST (list of blocked sites patterns).
+  * Bandwidth Quota (Megabytes) and Bandwidth Quota Type (daily/monthly/lifetime)
+==== 8.1.7. How to change proxy credentials for a modem. How to rename a modem.  ====
+  * click EDIT on a modem or a port, set new values
+  * click APPLY
+==== 8.1.8. How to change WebApp password  ====
+**Proxysmart versions: v2.3**
+__WebApp method__
+In the ''WebApp->GlobalSettings'' scroll to the bottom, set new WebApp password. NOTE: login remains ''proxy''.
+__Command line method.__
+<code>
+sudo htpasswd -b /etc/nginx/htpasswd proxy NewAweSomePassword999999
+</code>
+If you want to __change username__ as well, just delete the file and then assign new password
+<code>
+sudo rm /etc/nginx/htpasswd
+sudo htpasswd -b -c /etc/nginx/htpasswd MyNewUsername NewAweSomePassword999999
+</code>
+**Proxysmart versions: v2.4+**
+__WebApp method__
+In the ''WebApp->Profile'' set new WebApp password. NOTE: login remains ''proxy''.
+__Command line method.__
+Set new random password
+<code>
+sudo proxysmart.sh reset_main_webapp_password
+</code>
+or set your own password
+<code>
+sudo proxysmart.sh reset_main_webapp_password NewAweSomePassword999999
+</code>
+==== 8.1.9. Get monthly/daily proxy usage.  ====
+Click ''%%Bandwitdh Stats%%'' in the WebApp, or use "Report Bandwidth" CLI or WEB API call.
+==== 8.1.10. OS TCP fingerprint normalization.  ====
+Aligns the TCP/IP stack signature with the client's actual operating system (iOS, Android, Windows, macOS), eliminating proxy-layer mismatch that would otherwise trigger false positives in anti-fraud systems.
+**How to enable ?**
+In the WebApp set the needed OS per each proxy port (click EDIT PORT).
+**How to test ?**
+Visit one of these websites (IP checkers) through a proxy. Find something like “OS TCP fingerprints”.
+  * http:%%//%%witch.valdikss.org.ru/
+  * https:%%//%%thesafety.us/
+  * https:%%//%%whoer.net ->  extended results
+  * https:%%//%%browserleaks.com/ip
+**Can I dump OS TCP fingerprint from a real device and use it?**
+Yes, contact me.
+**I enabled OS TCP normalization, but it is not working!**
+The reason may be that the operator passes all traffic through its internal proxy, or in other way modifies TCP signatures. Then local OS TCP modifications are overwritten. Is it bad? No! Because still traffic looks //natural// as it was coming from this operator network.
+The carriers where OS TSP is not working (and it is 100% OK!):
+    * Three, UK
+    * AT&T,  USA
+==== 8.1.11. PPP modems  ====
+These are very old 3g modems like **Huawei** E303, E173, E156; **ZTE** MF110, MF193, MF190. In order to make them work with proxysmart,
+edit ''WebApp->GlobalSettings'' and set ''PPP_MODEMS_ENABLE'' .
+**Make Quectel / Sierra Wireless LTE modules work in PPP mode**
+Why? sometimes they fail working in QMI mode. So:
+    * edit ''WebApp->GlobalSettings'' and set ''PPP_MODEMS_ENABLE''
+    * place a file ''/etc/udev/rules.d/21-wwan.rules''
+<code>
+# ignore QMI_WWAN endpoints on Quectel, to make it work in PPP mode.
+SUBSYSTEM=="net", ACTION=="add",  ATTRS{idVendor}=="2c7c" , ATTRS{idProduct}=="0125",  ENV{.LOCAL_ifNum}=="04", PROGRAM="/usr/local/bin/usb_ignore.sh %p"
+# ignore QMI_WWAN endpoints on SierraWireless  , to make it work in PPP mode. Save to 21-wwan.rules:
+SUBSYSTEM=="net", ACTION=="add",  ATTRS{idVendor}=="413c" , ATTRS{idProduct}=="81b6",  ENV{.LOCAL_ifNum}=="08", PROGRAM="/usr/local/bin/usb_ignore.sh %p"
+</code>
+    * re-plug modems or reboot Proxysmart server
+===== 8.2. Troubleshooting =====
+==== 8.2.1. My proxy is offline and showing Red in the WebApp.  ====
+   * Check if the modem has __good signal__.
+   * Check if the modem has __correct APN__ (set in its Web Dashboard).
+   * Check if its __SIM card is active__ (not blocked on Operator side) and is topped up.
+   * Check the modem on __another PC__ (e.g. your own Windows desktop) without WiFi and without Ethernet (to make sure Internet is provided by the dongle that being tested).
+==== 8.2.2. My proxies are slow.  ====
+Assume a chain ''%%UsbModem%%''->''%%PC%%''->''%%VPS%%''->''%%ProxyUser%%''. Final Proxy speed is limited by:
+    * Download speed of the modem
+    * Upload speed from PC to VPS
+    * Download speed from VPS to the ProxyUser
+** Download speed of the modem. **
+It can be measured on the side of the PC e.g. in the Proxysmart WebApp by clicking the Speedtest button.
+How to improve it?
+  * try other carriers
+  * try other modems
+  * try better location with better signal (i.e. not your Home)
+** Upload speed from PC to VPS. **
+Normally it correlates with quality of home internet (Fiber/xDSL) and can be measured by running speedtest on the PC in browser or in Terminal (speedtest-cli). Upload value has to be high.
+With different types of port forwardings:
+''wan''  (Home Internet is used for ports forwarding) :  remote proxy user's DownloadSpeed is limited to minimum of (ModemDownloadSpeed, HomeInternetUploadSpeed )
+''cell'' (each modem forwards its proxies through its internet) :  remote proxy user's DownloadSpeed is limited to minimum of (ModemDownloadSpeed, ModemUploadSpeed )
+How to improve it?
+  * get a better home internet with better upload
+  * switch from WiFi to Ethernet
+** Download speed from VPS to the ProxyUser **
+It can be measured by downloading a file from VPS to the Proxyuser.
+How to improve it?
+  * Change location of the VPS to a Cloud Hoster that has better reachability to the clients from all over the world
+==== 8.2.3. My proxies are slower than the same SIM card in a Phone.  ====
+Reason 1: Compare LTE category of the modem and the phone. Phone has higher LTE cat e.g. 12..20, while modem has LTE cat 4..6 (depends).
+Reason 2: when the speed is really bad (about 1mbps) then it is Operator's throttling. Perhaps you bought a plan that allows only phones/tablets and doesn't allow modems.
+==== 8.2.4. IP's are rotated on their own  ====
+If you don't rotate IP's and they are detected each time as a new IP - it is natural behaviour of mobile provider, when it routes its clients through random different gateways every 1 minute or so. T-Mobile USA is known of doing so.
+__Solution__: in the ''WebApp->GlobalSettings'' set  ''COLLECTD_PINGER_KEEPALIVE'' to ''On'', so there will be a pinger daemon that **keeps** open connection to a hostname defined as ''COLLECTD_PINGER_HOSTNAME'' through each modem.
+==== 8.2.5. Use custom Speedtest server.  ====
+It is useful when for some reason you want to run speed tests towards a custom server, instead of Ookla servers.
+Update **WebApp->Global_settings** with IP of the WEB server:
+    * ''SPEEDTEST_CUSTOM'' :  enabled
+''DL_URL'' can be an URL of a large enough file (~100Mb+). And ''UL_URL'' is an URL that accepts large enough POST request.
+==== 8.2.6. Speedtest for the clients   ====
+Why? In order to test quality of connnection between proxy/VPN users and the server, not involving mobile equipment.
+How?
+**For the proxy users: **
+Open the URL in the browser: The WebApp plus ''/openspeedtest/'' e.g. ''http://VPS_IP:7001/openspeedtest/'' , login/password are ''speedtest / pw2000pw''
+** For the VPN users:**
+While connnected over the VPN, open the URL in the browser: ''http://172.22.27.1/openspeedtest/''  , login/password are ''speedtest / pw2000pw''
+==== 8.2.7. How to get current number of connections for a proxy port?  ====
+In WebApp : click Bandwidth Report for the port. Scroll down to number of connections.
+==== 8.2.8. Migrate a server (export/import the backup)   ====
+If you want to
+  * Migrate a server i.e. replace its hardware
+  * Keep all settings
+  * Keep all proxies configurations
+Then on the old server, export its backup.
+  * Go to WebApp->''Edit Modems & Ports''
+  * Click Export backup, save the file.
+On the new server, import the backup.
+  * Go to WebApp->''Edit Modems & Ports''
+  * Choose the file, Click Import backup.
+  * Reboot or run Reset Complete.
+===== 8.3. IP Reset =====
+==== 8.3.1. “Dirty” IP reset.  ====
+It may be needed when you need even faster IP reset. In this case, post-checks are not made, so it is not sure if the modem really went online after IP reset. It can be activated by ''%%DIRTY_IP_ROTATION%%'' in ''WebApp->GlobalSettings''
+==== 8.3.2. IP rotation links.  ====
+These links
+  * Can be safely passed to your customers. They don’t reveal real dongle parameters like IMEI or Nickname.
+  * They don’t require HTTP basic authentication
+  * They depend on the proxy password. So, when you change the proxy password - old IP rotation links, associated with that proxy, will stop working.
+A link can be copied from the WebApp->Ports list. Each Port has its own IP rotation link. If one port rotates IP, then other ports of the same modem affected too.
+If you realized you gave a link to a customer, and want to revoke it, just set new password for the proxy.
+If you want to invalidate all links of all modems, set a new secret: set ''%%RESET_LINK_SECRET%%'' in ''WebApp->GlobalSettings'' .
+==== 8.3.3. Minimum time between IP rotations  ====
+If you want to avoid too frequent IP rotations triggered by your users – in **WebApp->Global_settings** set ''%%MINIMUM_TIME_BETWEEN_ROTATIONS%%'' as 120,  so for 120 seconds minimum delay.
+==== 8.3.4. Prevent non-unique IP’s after IP rotation.  ====
+For example to prevent using IP’s that were in use 1 time (or more) within last 24h: set in **WebApp->Global_settings** :
+<code>
+RETRY_IP_ROTATIONS                 # enables Re-rotation, enable it.
+NON_UNIQUE_IP_OCCURS 1             # how many times an IP must occur to be considered NonUnique. E.g. 1
+NON_UNIQUE_IP_PERIOD 24hour        # during which period an IP must occur to be considered NonUnique. E.g. 1day or 1hour
+</code>
+==== 8.3.5. Reset (change) IP on a modem.  ====
+The options are below.
+  * **From Web App**
+Click ''%%Reset Ip%%'' button.
+  * **From command line.**
+Run: ''%%proxysmart.sh reset_quick_nick dongle1%%''
+Where ''%%dongle1%%'' is a Dongle “nickname” that is seen from output of ''%%proxysmart.sh show_status%%''
+  * **From Web API.**
+check WEB API section of this manual.
+**How to rotate a modem periodically?**
+  * WebApp method
+Update modem’s settings in the WebApp and click APPLY.
+  * Cron method
+Install a Cron job. Edit a file ''%%/etc/cron.d/proxysmart%%'', add a line ( or uncomment a commented line.. )
+''%%*/10 * * * *    root  run-one /usr/local/bin/proxysmart.sh reset_quick_nick  dongle3%%''
+so that a modem with the Nickname dongle3 is rotated every 10 min.
+Repeat for each modem you want to rotate periodically.
+==== 8.3.6. How to re-rotate IP when IP doesn’t change?  ====
+In **WebApp->Global_settings** set ''%%RETRY_IP_ROTATIONS%%'' .
+So when Old_IP == New_IP, then IP rotation is retried. Up to ''%%MAX_RETRY_IP_ROTATIONS%%'' attempts which is by default 3.
+==== 8.3.7. How to lock network mode per modem  ====
+Set ''TARGET_MODE'' the modem's settings in the Proxysmart WebApp. Allowed values:
+  * auto
+  * 3g
+  * 4g
+===== 8.4. Access Control =====
+==== 8.4.1. How to block domains  ====
+    * Individual (per proxy) block lists : WebApp -> **Edit Port**, check ''%%DENIED_SITES_ENABLE%%'', populate ''%%DENIED_SITES_LIST%%''
+    * Global block list - for all proxies: **WebApp->Global_settings**  -> check ''DENIED_SITES_ENABLE'' populate ''DENIED_SITES_LIST'' , click SAVE and re-apply all modems settings.
+How blocklists are processed:
+    * if you block ''porn.com'', then also ''www.porn.com'' is blocked.
+    * if you block ''gov'', then also ''nyc.gov,www.nyc.gov'' are blocked.
+    * IP's are blocked also e.g. 23.23.23.23
+**Note for Socks5 proxies**
+When a domain blacklist is imposed, then by default users still can access blocked sites by their IP’s.
+In order to prevent it, set ''%%DENY_IP_REQUESTS%%'' in **WebApp->Global_settings** and run ''%%proxysmart.sh reset_complete%%'' for resetting all configuration (or reboot).
+==== 8.4.2. How to allow only whitelisted domains.  ====
+The feaure it not ready.
+==== 8.4.3. How to enable client IP whitelisting?   ====
+** On Proxysmart 2.3+ it is enabled by default **
+By default Proxysmart can't see original clients IP's. So we have to enable it:
+Steps:
+**1. On Proxysmart server**
+  * set ''%%PROXY_PORTS_FORWARDER_SOFTWARE=ssh+haproxy%%'' in **WebApp->Global_settings**
+  * run ''%%proxysmart.sh reset_complete%%'' for resetting all configuration.
+**2. On the VPS**
+<code>
+cd /root/proxysmart-vps/
+nano vars.txt
+</code>
+set
+''haproxy_enabled: 1''
+Save the file (press ''Control O'') and exit the editor (''Control x'')
+Run Ansible again
+<code>
+ansible-playbook ./proxysmart-vps.yml
+</code>
+==== 8.4.4. How to make my proxes Open (i.e. not requiring authentication )  ====
+Set ''%%OPEN_PROXIES%%'' in ''WebApp->GlobalSettings'' and regenerate all configs.
+Note, when proxy ports are forrwarded via a VPS, the proxies are available to any internet user. Use it with caution.
+===== 8.5. Mobile VPN =====
+==== 8.5.1. Mobile VPN  ====
+Together with building proxies, it is possible to build Mobile VPN.
+It is enabled with WebApp->GlobalSettings -> OpenVPN integration -> ''OPENVPN_INTEGRATION''
+==== 8.5.2. Mobile VPN, how to connect  ====
+So download the VPN profiles and connect using any VPN client software.
+  * Download and install software:
+Windows: https://openvpn.net/community-downloads/ or https://openvpn.net/client-connect-vpn-for-windows/
+MacOS: https://tunnelblick.net/
+Android: https://play.google.com/store/apps/details?id=de.blinkt.openvpn or https://f-droid.org/en/packages/de.blinkt.openvpn/
+IOS: https://apps.apple.com/us/app/openvpn-connect/id590379981
+  * Import downloaded OpenVPN profile, tap Connect.
+  * use Login and Password from the corresponding proxy.
+==== 8.5.3. Mobile VPN logs  ====
+Logs of openvpn sessions - ''/var/log/openvpn/sessions.log''. Format:
+<code>
+'$time','$type','$local_port','$proto','$duration','$bytes_in','$bytes_out','$Real_IP','$Real_PORT','$Ovpn_CERT','$Ovpn_IP','$IMEI','$proxy_login','$auth_reject_why'
+</code>
+    * type - session_start / session_stop / auth_reject
+    * local_port - local port of Openvpn server
+    * proto  - tcp-server or udp
+    * duration - when type is session_stop, how many the session lasted
+    * Real_IP, Real_PORT - of a client
+    * auth_reject_why - when type is session_stop, the reason why auth was rejected
+==== 8.5.4. Mobile VPN, Switch Openvpn protocol   ====
+  * You can switch to TCP or UDP.
+  * In WebApp->GlobalSettings set **OPENVPN_PROTOCOL** to  **tcp** or **udp** and run ''proxysmart.sh reset_complete''
+  * On Clients, either download profiles again, or change protocol in client settings.
+===== 8.6. Advanced settings =====
+==== 8.6.1. Is IPV6 supported?  ====
+Yes but it’s off by default.
+On modems , edit APN and set APN type for both IPv4 and IPv6 , e.g. Ip4Ip6 or Ip4+ip6, there is a dropdown list for that.
+On Proxysmart box: Update ''WebApp->GlobalSettings'' -> ''%%IPV6_SUPPORT%%'' ''On''
+and reset configuration ''%%proxysmart.sh reset_complete%%'' ; or even better do a reboot.
+==== 8.6.2. How to host multiple Proxysmart servers  ====
+** When ports forwarded through a VPS **
+Assume 2 Proxysmart servers:
+    * Server1
+    * Server2
+On each, make sure the proxies are configured on these ports:
+    * Server1 : http 8001..8099, socks5 5001..5099
+    * Server2 : http 8101..8199, socks5 5101..5199
+Make settings in the WebApp->GlobalSettings:
+For Server1:
+    * VPS - IP of the VPS
+    * PROXY_PORTS_FORWARDER_ENABLE on
+    * SSH_REMOTE_PORT: 6001
+    * WEB_REMOTE_PORT: 7001
+    * OPENVPN_SERVER_PORT: 1501
+    * XRAY_REMOTE_PORT: 441 (makes sense only if Xray support is activated)
+For Server2:
+    * VPS - IP of the VPS
+    * PROXY_PORTS_FORWARDER_ENABLE on
+    * SSH_REMOTE_PORT: 6002
+    * WEB_REMOTE_PORT: 7002
+    * OPENVPN_SERVER_PORT: 1502
+    * XRAY_REMOTE_PORT: 442 (makes sense only if Xray support is activated)
+On the VPS install SSH public keys of each Proxysmart server:
+<code>
+cd ~/proxysmart-vps
+nano vars.txt
+</code>
+<code>
+ssh_pub_keys:
+ - ssh-rsa AAAAB3NzaC1..
+ - ssh-rsa AAAA2847371..
+</code>
+Save the file by pressing ''Control O'' and exit the editor by pressing ''Control x'' .
+Run Ansible:
+<code>
+ansible-playbook proxysmart-vps.yml
+</code>
+** When ports forwarded through a static office IP **
+Assume 2 Proxysmart servers:
+    * Server1, LAN_IP1
+    * Server2, LAN_IP2
+On each, make sure the proxies are configured on these ports:
+    * Server1 : http 8001..8099, socks5 5001..5099
+    * Server2 : http 8101..8199, socks5 5101..5199
+Then on the router, make forwardings.
+For Server1:
+    * WebApp:  (from external IP) TCP       8080                    -> LAN_IP1:8080
+    * Proxies: (from external IP) TCP       8001..8099,5001..5099   -> LAN_IP1
+    * Openvpn: (from external IP) TCP+UDP   1194                    -> LAN_IP1:1194
+    * Xray:    (from external IP) TCP       441                     -> LAN_IP1:441 (makes sense only if Xray support is activated)
+For Server2:
+    * WebApp:  (from external IP) TCP       8082                    -> LAN_IP2:8080
+    * Proxies: (from external IP) TCP       8101..8199,5101..5199   -> LAN_IP2
+    * Openvpn: (from external IP) TCP+UDP   1195                    -> LAN_IP2:1194
+    * Xray:    (from external IP) TCP       442                     -> LAN_IP1:442 (makes sense only if Xray support is activated)
+==== 8.6.3. How to forward proxy ports via each modem individually?  ====
+Why is it needed? When home __base internet is unstable__ or its upload speed <15mbps.
+A VPS is needed in order to expose the ports this way ( see **VPS integration** chapter ).
+** How it works **
+Each proxy forwards its port through its modem, not using base internet.
+** PRO's :**
+    * Home base internet speed & stability is not important
+** CON's :**
+    * each modem is working in bidirectional mode
+    * proxy speed is limited to 4G Upload speed which is slow
+**Steps: on Proxysmart server**
+  * set ''%%PROXY_PORTS_FORWARDER_TYPE=cell%%'' in **WebApp->Global_settings**
+  * run ''%%proxysmart.sh reset_complete%%'' for resetting all configuration.
+==== 8.6.4. Auto-rebooting modems.  ====
+Sometimes only a reboot can fix a modem. In order to enable, set ''%%AUTOREBOOT_DONGLES%%'' in **WebApp->Global_settings**.  How it works:
+  * if a situation occurs , “reboot score” of a modem is increased by the value, according to the situation:
+<code>
+SCORE_IP_ROTATION_FAIL=10                   # score increments when IP rotation failed
+SCORE_IP_NOT_DETECTED=2                     # score increments when IP not detected
+SCORE_IP_RECONNECT_FAIL=10                  # score increments when IP not auto-reconnected
+SCORE_WWAN_DATA_FAIL=10                     # score increments when WWAN device can't establish Data connection
+SCORE_WEBAPP_FAIL=20                        # score increments when the modem's WebApp is stuck
+</code>
+  * when the modem’s reboot score reaches ''%%MAX_REBOOT_SCORE%%'' then the modem is rebooted.
+  * special case, do USB reset instead of a reboot, when ''%%AUTO_USB_RESET_DONGLES%%'' is 1, it is useful when modems’ WEB APP is not available.
+==== 8.6.5. Socks5 UDP behind a LAN router  ====
+Normally, when using socks5 software like 3proxy or gost, behind a LAN router, Socks5 proxies won't have UDP. In order to add UDP to them, perform these steps.
+=== If your LAN router has **Assymetrical** NAT type, or you **don't know** its NAT type : ===
+On Proxysmart server:
+  * Set LAN_SOCKS_SOFTWARE  to asysocks
+  * Set REWRITE_UDP_ASSOCIATE_IP_TO to external (public) IP of the LAN router
+  * Set REWRITE_PORT_UDP_ASSOCIATE to On.
+  * Set CONE_NAT_FIX to Off.
+  * Set unique UDP port range e.g. 20000-20100 using MIN_PORT_UDP_ASSOCIATE and MAX_PORT_UDP_ASSOCIATE . This UDP port range is unique per server.
+On the router:
+  * forward UDP port range e.g. 20000..21000 to the LAN IP of the Socks5 proxy server
+=== If your LAN router  has **Full Cone / Restricted Cone** NAT type: ===
+On Proxysmart server:
+  * Set LAN_SOCKS_SOFTWARE  to asysocks
+  * Set REWRITE_UDP_ASSOCIATE_IP_TO to external (public) IP of the LAN router
+  * Set CONE_NAT_FIX to On
+On the router:
+   * Nothing.
+=== Finally ===
+Reboot or run ''proxysmart.sh reset_complete''
+==== 8.6.6. Custom DNS server for the proxies   ====
+Edit ''%%/etc/proxysmart/conf.txt%%'' and set ''%%DNS_SERVER_PROXIES="1.1.1.1"%%''  where ''1.1.1.1'' is a custom DNS server, it must be publicly available.
+Click the button "Reset Complete" on the main screen of the WebApp in the bottom or in the console, run: ''%%sudo proxysmart.sh reset_complete%%'' or reboot the server.
+==== 8.6.7. How to access WebApp and proxies by a Hostname?  ====
+Just buy a domain for $5 and assign a Hostname ( e.g. `srv1.company.com` to the IP  of your LAN router or of the VPS.
+And make up these **GlobalSettings** :
+  * REWRITE_WEBAPP_URL : On
+  * REWRITE_WEBAPP_TO : http://srv1.company.com:8080
+  * REWRITE_HOST_IN_PROXY_CREDS : On
+  * REWRITE_HOST_IN_PROXY_CREDS_TO : srv1.company.com
+  * OPENVPN_SERVER_HOST : srv1.company.com
+==== 8.6.8. Performance tuning  ====
+When >50 modems are added, play with ''%%MAX_PARALLEL_WORKERS_STATUS%%'' variable, on faster CPU’s it can be set to 8 or 16 (to the number of CPU cores). It can be set by editing the file ''%%/etc/proxysmart/conf.txt%%''. It affects number of threads
+    * when generating status of the modems
+    * when generating configuration of newly added modems
+==== 8.6.9. How many modems can I run on a single computer?  ====
+Hi , technically it depends on how powerful this PC is, and how intensively proxies are used.
+  * Raspberry PI - 4 proxies (roughly)
+  * a miniPC (Intel NUC or similar) - up to 10
+  * a Laptop like Core i5 - up to 30.
+Also it depends on what Plan you buy.
+Also it depends on USB configuration, for maximum number of modems:
+  * disable USB3.0 in BIOS
+  * use USB2.0 hubs
+==== 8.6.10. How to set monthly traffic quota per modem?  ====
+In the WebApp, set monthly traffic quota. Click EDIT & APPLY.
+==== 8.6.11. How to set TTL and why?  ====
+In some cases custom TTL must be set in order to have Cell Operator think we are not using the modem in hotspot  tethering mode. I.e. we don’t share its data. By default Linux OS has ttl = 64. To change Cell Operator perception of the situation, we want to set it +1 i.e. 65.
+Edit ''WebApp->GlobalSettings'' and set ''%%CUSTOM_TTL_SET%%'' and ''%%CUSTOM_TTL_VALUE=65%%'' and regenerate settings.
+==== 8.6.12. How to set MTU and why?  ====
+In some cases different MTU values connect with different types of ISP’s. You may want to change it.
+Mtu can be only lowered. E.g. if you have MTU 1390, you can set 1340. Not opposite.
+- WebApp -> GlobalSettings -> enable ''%%CUSTOM_MTU_SET%%''  .
+- Set MTU in the WebApp for each modem.
+==== 8.6.13. Exclude some modems  ====
+In ''%%/etc/proxysmart/conf.txt%%''
+  * by Device name, populate this array ''%%IGNORED_DEV=(  modem132  modem0000000002)%%'' – array of Network Interfaces that are not processed
+  * by IMEI, populate this array ''%%IGNORED_IMEI=( 9999999999999999 8888888888888888 )%%'' – array of IMEI that are not processed
+==== 8.6.14. Nagios integration.  ====
+There is a plugin embedded, run it as root,
+''%%/usr/lib/nagios/plugins/proxysmart-nagios-helper.sh IMEI%%''
+or
+''%%/usr/lib/nagios/plugins/proxysmart-nagios-helper.sh NICKNAME%%''
+so it will return OK/WARN/CRIT/UNKNOWN and corresponding exit code.
+==== 8.6.15. How can I access the web interface admin panel of each modem?  ====
+** Proxysmart 2.3+ : **
+  * Open WebApp. Locate the modem. Click blue "Display" button towards the modem. Modem's WebApp will open in the new tab.
+==== 8.6.16. What if a modem connected via 3G or 2G, and I want 4G?  ====
+Lock network mode to 4G and rotate its IP.
+==== 8.6.17. Where are proxy logs.  ====
+On the Proxysmart server in a folder ''%%/var/log/3proxy/%%'' , each filename is named for HTTP proxy port.
+Logs are rotated daily and 90 copies are saved, details are in ''%%/etc/logrotate.d/3proxy%%''.
+Logs of IP rotations are in a folder ''%%/var/log/proxysmart/dongle_rotations/%%''.
+==== 8.6.18. No logs policy  ====
+If you want to run NoLogs policy, create  a cron script that deletes the logs, i.e. the files
+<code>
+/var/log/gost/*
+/var/log/3proxy/*
+/var/log/sniproxy*
+/var/log/haproxy*
+</code>
+==== 8.6.19. Install logging of all requests in single place  ====
+Why? Get  single log of all requests from Proxies (HTTP/Socks5) clients and VPN clients.
+**Installation On Proxysmart server**
+In the ''WebApp->GlobalSettings'' set ''SNIFFER_ENABLED'' and click Apply.
+run ''%%proxysmart.sh reset_complete%%''
+Watch the log ''/var/log/proxy_log.log'' on Proxysmart server.
+It is rotated and 365 daily copies are stored on disk.
+Then it is bound to a button "Download Proxy Logs".
+It can also be installed on a VPS if the  VPS is working as proxies frontend.
+**Installation On VPS**
+not supported yet.
+**Log format**
+File: ''/var/log/proxy_log.log''
+<code>
+    _ws.col.Time  frame.interface_name   ip.src  tcp.srcport   ip.dst   tcp.dstport
+    #   1          2                        3       4           5           6
+    socks.remote_name    socks.dst    socks.port   socks.dstport
+    # 7                         8         9         10
+     http.request.method    http.host
+    #   11                  12
+     tls.handshake.extensions_server_name  x509ce.dNSName
+    #   13                                  14
+</code>
+==== 8.6.20. Alerts to Telegram  ====
+In Telegram start a chat with a bot https://t.me/userinfobot and get your Telegram numeric ID.
+In Proxysmart WebApp->GlobalSettings , set  ''TG_ALERTS_ENABLE''  ; and set ''TG_ALERTS_RECEIVER'' to your Telegram numeric ID.
+In Telegram start a chat with Proxysmart bot https://t.me/nagios737bot and send 'hi'.
+After that the bot will send you alerts.
+**Sending alerts to a group ** (proxysmart v2.4+)
+   * Get numeric ID of the Telegram group, e.g. ''-99999999999999'' (negative value!)
+   * In Proxysmart WebApp->GlobalSettings , Set ''TG_ALERTS_RECEIVER''  to ''-99999999999999''
+   * In Proxysmart WebApp->GlobalSettings , enable ''TG_ALERTS_RECEIVER''
+   * Add https://t.me/nagios737bot to the group and then write something to the group
+==== 8.6.21. Vless with Xtls Reality (Xray) integration.   ====
+** What is it - Xray?  **
+  * Xray is a family of protocols. We will use its VLESS protocol + Xtls Reality extension. More read https://xtls.github.io/en/
+  * Supports UDP-in-TCP tunneling, so if a Proxysmart server is behind a LAN router, the clients will be able to send UDP traffic.
+  * It bypasses Socks5 protocol blocks (in some countries) due to Xtls Reality extension that makes all traffic look like TLS traffic to a neutral domain like ''gmail.com''
+** How to activate Xray?  **
+  * **Extended** license is needed
+  * Set ''XRAY_REMOTE_PORT''  unique on each server.
+  * Set ''XRAY_ENABLE'' On in ''WebApp->Global Settings''
+  * Reboot or reconfigure all proxies (run ''%%proxysmart.sh reset_complete%%'' ).
+  * A button "Xray" appears in the main screen of the WebApp. It will show details how to connect to the Xray port.
+**How to use Xray on client's side **
+https://en.nekoray.org/ or https://github.com/XTLS/Xray-core or https://getnekobox.com/en/
+------------
+====== 9. Bugs and Limitations ======
+==== LTE modules ====
+  * IPV6 is not supported
+==== Android phones ====
+  * No TCP OS normalization with Proxysmart APK app.
+  * No Sock5 UDP with Proxysmart APK app.
+==== VPN users ====
+  * IPV6 is not supported
+==== Port ranges ====
+    * Proxy ports range: HTTP 8001..8999, SOCKS5 5001..5999
+==== OS TCP Fingerprint Normalization ====
+    * Not supported on Ipv6
+==== No spam ====
+TCP port 25 is blocked, we don't send spam. If you want to send normal emails then you can use ports: 587, 465.  Port 25 is for server2server communication only.