naftiko: 1.0.0-alpha2 info: label: SafeLine WAF Protection Management description: Unified workflow for managing web application firewall protection including website configuration, ACL rules, SSL certificates, security policies, and attack event analysis. Used by security engineers and IT admins to protect web applications. tags: - WAF - Security - Web Application Firewall - Open Source - Reverse Proxy - ACL created: '2026-05-02' modified: '2026-05-06' binds: - namespace: env keys: SAFELINE_API_TOKEN: SAFELINE_API_TOKEN capability: consumes: - type: http namespace: safeline baseUri: https://localhost:9443 description: SafeLine WAF management API authentication: type: apikey key: X-SLCE-API-Token value: '{{SAFELINE_API_TOKEN}}' placement: header resources: - name: authentication path: /api/LoginAPI description: User authentication and session management operations: - name: login-user method: POST description: Authenticate user with username and password outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: username: '{{tools.username}}' password: '{{tools.password}}' - name: api-tokens path: /api/UserAPITokenAPI description: API token management operations: - name: list-api-tokens method: GET description: List all API tokens for authenticated user outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-api-token method: POST description: Create a new API token for programmatic access outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: comment: '{{tools.comment}}' - name: websites path: /api/SoftwareReverseProxyWebsiteAPI description: Protected website management operations: - name: list-websites method: GET description: List all websites protected by SafeLine WAF inputParameters: - name: page in: query type: integer required: false description: Page number - name: page_size in: query type: integer required: false description: Items per page outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-website method: POST description: Add a new website to SafeLine WAF protection outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: name: '{{tools.name}}' upstream: '{{tools.upstream}}' ports: '{{tools.ports}}' - name: website-protection path: /api/EnableDisableWebsiteAPI description: Website protection enable/disable operations: - name: toggle-website-protection method: POST description: Enable or disable WAF protection for a website outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: id: '{{tools.id}}' enabled: '{{tools.enabled}}' - name: ssl-certificates path: /api/CertAPI description: SSL/TLS certificate management operations: - name: list-ssl-certificates method: GET description: List all SSL certificates configured in SafeLine outputRawFormat: json outputParameters: - name: result type: object value: $. - name: acl-rules path: /api/ACLRuleAPI description: Access control list rules operations: - name: list-acl-rules method: GET description: List ACL rules for blocking or allowing traffic inputParameters: - name: page in: query type: integer required: false description: Page number - name: page_size in: query type: integer required: false description: Items per page outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-acl-rule method: POST description: Create a new ACL rule for traffic filtering outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: name: '{{tools.name}}' action: '{{tools.action}}' conditions: '{{tools.conditions}}' - name: acl-whitelist path: /api/ACLWhiteListAPI description: ACL whitelist management operations: - name: list-acl-whitelist method: GET description: List IP addresses in the ACL whitelist outputRawFormat: json outputParameters: - name: result type: object value: $. - name: add-to-acl-whitelist method: POST description: Add an IP address or CIDR block to the whitelist outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: ip: '{{tools.ip}}' comment: '{{tools.comment}}' - name: policy-groups path: /api/PolicyGroupAPI description: Security policy group management operations: - name: list-policy-groups method: GET description: List security policy groups outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-policy-group method: POST description: Create a new security policy group outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: name: '{{tools.name}}' comment: '{{tools.comment}}' - name: reports path: /api/ReportResultAPI description: Security report management operations: - name: get-report-results method: GET description: Get generated security reports outputRawFormat: json outputParameters: - name: result type: object value: $. - name: acl-logs path: /api/ACLRuleExecutionLogAPI description: ACL rule execution logs operations: - name: get-acl-execution-logs method: GET description: Get logs of ACL rule executions and triggered actions inputParameters: - name: page in: query type: integer required: false description: Page number - name: start_time in: query type: integer required: false description: Unix timestamp start - name: end_time in: query type: integer required: false description: Unix timestamp end outputRawFormat: json outputParameters: - name: result type: object value: $. - name: node-info path: /api/NodeInfoAPI description: System node information operations: - name: get-node-info method: GET description: Get system node information and hardware stats outputRawFormat: json outputParameters: - name: result type: object value: $. exposes: - type: rest port: 8080 namespace: waf-protection-api description: Unified REST API for SafeLine WAF protection management. resources: - path: /v1/websites name: websites description: Protected website management operations: - method: GET name: list-websites description: List all websites protected by SafeLine WAF call: safeline.list-websites outputParameters: - type: object mapping: $. - method: POST name: create-website description: Add a new website to WAF protection call: safeline.create-website outputParameters: - type: object mapping: $. - path: /v1/websites/toggle name: website-protection description: Enable or disable website protection operations: - method: POST name: toggle-website-protection description: Enable or disable WAF protection for a specific website call: safeline.toggle-website-protection outputParameters: - type: object mapping: $. - path: /v1/ssl-certificates name: ssl-certificates description: SSL certificate management operations: - method: GET name: list-ssl-certificates description: List SSL certificates configured in SafeLine call: safeline.list-ssl-certificates outputParameters: - type: object mapping: $. - path: /v1/acl-rules name: acl-rules description: Access control list rules operations: - method: GET name: list-acl-rules description: List traffic ACL rules call: safeline.list-acl-rules outputParameters: - type: object mapping: $. - method: POST name: create-acl-rule description: Create a new ACL rule call: safeline.create-acl-rule outputParameters: - type: object mapping: $. - path: /v1/acl-whitelist name: acl-whitelist description: ACL whitelist management operations: - method: GET name: list-acl-whitelist description: List whitelisted IP addresses call: safeline.list-acl-whitelist outputParameters: - type: object mapping: $. - method: POST name: add-to-acl-whitelist description: Add IP or CIDR to whitelist call: safeline.add-to-acl-whitelist outputParameters: - type: object mapping: $. - path: /v1/policy-groups name: policy-groups description: Security policy groups operations: - method: GET name: list-policy-groups description: List security policy groups call: safeline.list-policy-groups outputParameters: - type: object mapping: $. - method: POST name: create-policy-group description: Create a security policy group call: safeline.create-policy-group outputParameters: - type: object mapping: $. - path: /v1/reports name: security-reports description: Security reports operations: - method: GET name: get-report-results description: Get security reports call: safeline.get-report-results outputParameters: - type: object mapping: $. - path: /v1/acl-logs name: acl-execution-logs description: ACL rule execution logs operations: - method: GET name: get-acl-execution-logs description: Get ACL rule execution logs call: safeline.get-acl-execution-logs with: page: rest.page start_time: rest.start_time end_time: rest.end_time outputParameters: - type: object mapping: $. - path: /v1/system/node name: node-info description: System information operations: - method: GET name: get-node-info description: Get SafeLine node system information call: safeline.get-node-info outputParameters: - type: object mapping: $. - type: mcp port: 9090 namespace: waf-protection-mcp transport: http description: MCP server for AI-assisted WAF protection management and security configuration. tools: - name: list-websites description: List all web applications protected by SafeLine WAF with their configuration hints: readOnly: true openWorld: false call: safeline.list-websites with: page: tools.page page_size: tools.page_size outputParameters: - type: object mapping: $. - name: create-website description: Add a new web application to SafeLine WAF protection hints: readOnly: false destructive: false idempotent: false call: safeline.create-website with: name: tools.name upstream: tools.upstream ports: tools.ports outputParameters: - type: object mapping: $. - name: toggle-website-protection description: Enable or disable WAF protection for a specific website hints: readOnly: false destructive: false idempotent: true call: safeline.toggle-website-protection with: id: tools.id enabled: tools.enabled outputParameters: - type: object mapping: $. - name: list-ssl-certificates description: List all SSL/TLS certificates managed by SafeLine hints: readOnly: true openWorld: false call: safeline.list-ssl-certificates outputParameters: - type: object mapping: $. - name: list-acl-rules description: List access control rules for blocking or allowing specific traffic patterns hints: readOnly: true openWorld: false call: safeline.list-acl-rules with: page: tools.page page_size: tools.page_size outputParameters: - type: object mapping: $. - name: create-acl-rule description: Create a new ACL rule to block or allow traffic based on IP, URL, or headers hints: readOnly: false destructive: false idempotent: false call: safeline.create-acl-rule with: name: tools.name action: tools.action conditions: tools.conditions outputParameters: - type: object mapping: $. - name: list-acl-whitelist description: List IP addresses and CIDR blocks in the ACL whitelist hints: readOnly: true openWorld: false call: safeline.list-acl-whitelist outputParameters: - type: object mapping: $. - name: add-to-acl-whitelist description: Add an IP address or CIDR block to the ACL whitelist hints: readOnly: false destructive: false idempotent: true call: safeline.add-to-acl-whitelist with: ip: tools.ip comment: tools.comment outputParameters: - type: object mapping: $. - name: list-policy-groups description: List security policy groups with their rule counts hints: readOnly: true openWorld: false call: safeline.list-policy-groups outputParameters: - type: object mapping: $. - name: create-policy-group description: Create a new security policy group for organizing WAF rules hints: readOnly: false destructive: false idempotent: false call: safeline.create-policy-group with: name: tools.name comment: tools.comment outputParameters: - type: object mapping: $. - name: get-report-results description: Get generated security reports showing attack statistics and traffic analysis hints: readOnly: true openWorld: false call: safeline.get-report-results outputParameters: - type: object mapping: $. - name: get-acl-execution-logs description: Get logs of triggered ACL rules showing blocked/allowed requests and source IPs hints: readOnly: true openWorld: false call: safeline.get-acl-execution-logs with: page: tools.page page_size: tools.page_size start_time: tools.start_time end_time: tools.end_time outputParameters: - type: object mapping: $. - name: get-node-info description: Get SafeLine system node information including CPU, memory, and version hints: readOnly: true openWorld: false call: safeline.get-node-info outputParameters: - type: object mapping: $. - name: list-api-tokens description: List API tokens for programmatic access to SafeLine management hints: readOnly: true openWorld: false call: safeline.list-api-tokens outputParameters: - type: object mapping: $. - name: create-api-token description: Create a new API token for SafeLine management automation hints: readOnly: false destructive: false idempotent: false call: safeline.create-api-token with: comment: tools.comment outputParameters: - type: object mapping: $.