config.toml reference
The service reads C:\ProgramData\NetClamp\config.toml on startup
and watches it for changes — most settings reload without a service
restart. The same file is editable from the SPA’s Settings → Service
pane.
Full example
```toml
[api.rest]
bind = "127.0.0.1:9845"

[api.grpc]
bind = "127.0.0.1:9846"

[logging]
level = "info"
max_files = 30

[policy]
block_inbound_by_default = true
allow_outbound_by_default = true

[monitor]
sample_interval_ms = 1000
flow_idle_timeout_sec = 30

[license]
key_path = "C:\\ProgramData\\NetClamp\\license.key"
```
Section: api.rest
| Key | Default | Meaning |
|---|---|---|
| `bind` | | Listening address. Loopback recommended. Non-loopback works at any credit count but TLS is not yet wired — see Settings. |
Section: api.grpc
| Key | Default | Meaning |
|---|---|---|
| `bind` | | gRPC listener. The tray uses gRPC streaming for low-latency SSE. |
Section: logging
| Key | Default | Meaning |
|---|---|---|
| `level` | | One of |
| `max_files` | | Rotated log files retained at |
Section: policy
| Key | Default | Meaning |
|---|---|---|
| `block_inbound_by_default` | | Drops any inbound flow not matched by an |
| `allow_outbound_by_default` | | Mirror for outbound. Toggling this off on a remote-managed machine can lock you out (SSH/RDP responses get dropped). The SPA gates with a confirmation; the API doesn’t. |
Section: monitor
| Key | Default | Meaning |
|---|---|---|
| `sample_interval_ms` | | How often the throughput sampler runs. |
| `flow_idle_timeout_sec` | | Drop a tracked flow from the in-memory table after this many seconds with no traffic. |
Section: license
| Key | Default | Meaning |
|---|---|---|
| `key_path` | | Where bound credits are persisted. The service writes here when |
Hot-reload behaviour
Most fields hot-reload: the service watches the file and re-reads it on change. Exceptions:
- `api.rest.bind` / `api.grpc.bind`: listener addresses can’t be rebound on a running socket. A change requires a service restart.
To force a reload without editing the file (e.g. after dropping a new
trusted signer into trusted-signers.toml):
```
netclamp config reload
```
Where else config lives
| | API bearer token (generated on first boot, base64url, 43 chars). |
| | Bound credits, signed Ed25519. |
| | SQLite store for rules + quotas. |
| | Public keys trusted to sign rule subscriptions. |
| | Cached rule-subscription bundles. |
| | Rotated service logs. |