diff --git a/config/vcpe.cfg b/config/vcpe.cfg
index 5be5fff..d1971ce 100644
--- a/config/vcpe.cfg
+++ b/config/vcpe.cfg
@@ -78,6 +78,17 @@ application:
         tcp_nodelay = true;
     };
 
+    protocol:
+    {
+        # 0：无编码格式，普通字符串
+        # 1：base64编码格式
+        # 2：采用AES128加密后的base64编码格式
+        # 3：采用3DES加密后的base64编码格式
+        # 4：采用AES256加密后的base64编码格式
+        crypto_type = 0;
+        crypto_key = "AES@YD1X+lI3U75l36yUsOUugw==";
+    };
+
     # DHCP Server Config
     dhcp_server: {
         listen_on = ["192.168.30.1", "192.168.100.1"];
diff --git a/srcs/libs/CMakeLists.txt b/srcs/libs/CMakeLists.txt
index 2950bd6..c62635d 100644
--- a/srcs/libs/CMakeLists.txt
+++ b/srcs/libs/CMakeLists.txt
@@ -20,6 +20,7 @@ AUX_SOURCE_DIRECTORY(mq C_SRC)
 AUX_SOURCE_DIRECTORY(cmdline C_SRC)
 AUX_SOURCE_DIRECTORY(crypto C_SRC)
 AUX_SOURCE_DIRECTORY(hardware C_SRC)
+AUX_SOURCE_DIRECTORY(protocol C_SRC)
 
 IF (USED_REDIS)
     ADD_DEFINITIONS(-DUSED_REDIS)
diff --git a/srcs/libs/configure/config.c b/srcs/libs/configure/config.c
index 71c5a36..9a5458a 100644
--- a/srcs/libs/configure/config.c
+++ b/srcs/libs/configure/config.c
@@ -109,6 +109,8 @@ static CFG_ITEM g_cfgItem[] = {
     DEF_CFG_ITEM(CFG_HTTP_SVR_ADDR, "http_svr.listen_addr", VAL_STR, "0.0.0.0", "Network address to listen on"),
     DEF_CFG_ITEM(CFG_HTTP_SVR_PORT, "http_svr.listen_port", VAL_INT, "6789", "Network port to listen on"),
     DEF_CFG_ITEM(CFG_HTTP_SVR_TCP_NODELAY, "http_svr.tcp_nodelay", VAL_BOOL, "1", "TCP delay switch"),
+    DEF_CFG_ITEM(CFG_PROTO_CRYPTO, "protocol.crypto_type", VAL_INT, "0", "Protocol crypto algorithm"),
+    DEF_CFG_ITEM(CFG_PROTO_CRYPTO_KEY, "protocol.crypto_key", VAL_STR, "", "Protocol crypto keys"),
 #ifdef OPENDHCPD_ON
     // 配置DHCP服务器
     DEF_CFG_ITEM(CFG_DHCP_LISTEN_ON, "dhcp_server.listen_on", VAL_ARRAY_STR, "", "DHCP listen interface"),
diff --git a/srcs/libs/configure/config_help.c b/srcs/libs/configure/config_help.c
index 4e00cc0..26419ce 100644
--- a/srcs/libs/configure/config_help.c
+++ b/srcs/libs/configure/config_help.c
@@ -3,16 +3,24 @@
 //
 #include "config.h"
 
+unsigned int config_get_proto_crypto_type() {
+    return cfg_get_integral_value(CFG_PROTO_CRYPTO);
+}
+
+const char *config_get_proto_crypto_key() {
+    return cfg_get_string_value(CFG_PROTO_CRYPTO_KEY);
+}
+
 #ifdef OPENDHCPD_ON
-const vector config_get_dhcp_server_range_set() {
+vector config_get_dhcp_server_range_set() {
     return cfg_get_vector(CFG_DHCP_RANGE_SET);
 }
 
-const vector config_get_dhcp_listen_on() {
+vector config_get_dhcp_listen_on() {
     return cfg_get_vector(CFG_DHCP_LISTEN_ON);
 }
 
-const vector config_get_dhcp_replication_svr() {
+vector config_get_dhcp_replication_svr() {
     return cfg_get_vector(CFG_DHCP_REPLICATION_SVR);
 }
 #endif
diff --git a/srcs/libs/include/config.h b/srcs/libs/include/config.h
index 485f296..5931641 100644
--- a/srcs/libs/include/config.h
+++ b/srcs/libs/include/config.h
@@ -69,6 +69,8 @@ typedef enum {
     CFG_HTTP_SVR_ADDR,
     CFG_HTTP_SVR_PORT,
     CFG_HTTP_SVR_TCP_NODELAY,
+    CFG_PROTO_CRYPTO,
+    CFG_PROTO_CRYPTO_KEY,
     CFG_DHCP_LISTEN_ON,
     CFG_DHCP_REPLICATION_SVR,
     CFG_DHCP_RANGE_SET,
@@ -129,10 +131,12 @@ const char  *config_get_vxlan_pkg_filter();
 const char  *config_get_http_server_addr();
 unsigned int config_get_http_server_port();
 int          config_get_http_server_tcp_nodelay();
+unsigned int config_get_proto_crypto_type();
+const char  *config_get_proto_crypto_key();
 #ifdef OPENDHCPD_ON
-const vector config_get_dhcp_server_range_set();
-const vector config_get_dhcp_listen_on();
-const vector config_get_dhcp_replication_svr();
+vector config_get_dhcp_server_range_set();
+vector config_get_dhcp_listen_on();
+vector config_get_dhcp_replication_svr();
 #endif
 #ifdef __cplusplus
 }
diff --git a/srcs/libs/include/misc.h b/srcs/libs/include/misc.h
index 994995a..03829b1 100644
--- a/srcs/libs/include/misc.h
+++ b/srcs/libs/include/misc.h
@@ -56,6 +56,7 @@ int                get_nic_info(const char    *pName,
                                 unsigned int  *pGateway,
                                 unsigned char *pMac);
 int                str_to_ipaddr(const char *pIp, unsigned int *ipAddr);
+unsigned long long get_current_time_ms();
 #ifdef __cplusplus
 }
 #endif
diff --git a/srcs/libs/include/proto.h b/srcs/libs/include/proto.h
new file mode 100644
index 0000000..2f71195
--- /dev/null
+++ b/srcs/libs/include/proto.h
@@ -0,0 +1,27 @@
+//
+// Created by xajhuang on 2022/12/2.
+//
+
+#ifndef VCPE_PROJECT_PROTO_H
+#define VCPE_PROJECT_PROTO_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+#include <cjson/cJSON.h>
+
+
+typedef enum {
+    CRYPTO_NONE   = 0,
+    CRYPTO_BASE64 = 1,
+    CRYPTO_AES128 = 2,
+    CRYPTO_3DES   = 3,
+    CRYPTO_AES256 = 4,
+} PROTO_CRYPTO_TYPE;
+
+const char *proto_create_new(cJSON *pMsgCtx, int rspCode);
+
+#ifdef __cplusplus
+}
+#endif
+#endif    //VCPE_PROJECT_PROTO_H
diff --git a/srcs/libs/init/init.c b/srcs/libs/init/init.c
index 2866496..f55c6e1 100644
--- a/srcs/libs/init/init.c
+++ b/srcs/libs/init/init.c
@@ -23,6 +23,7 @@
 #define DEFAULT_CONFIG_DIR  ("config")
 
 static pid_t g_pid;
+static int   g_isInited = FALSE;
 
 static void catch_system_interupt(int UNUSED(sig_num)) {
     if (g_pid == uv_os_getpid()) {
@@ -120,14 +121,18 @@ int user_init(const char *pAppCfgFile, const char *pCfgDirectory, const char *pK
 
     http_svr_init();
 
+    g_isInited = TRUE;
+
     return ERR_SUCCESS;
 }
 
 void user_uninit() {
-    task_manager_exit();
-    free_http_server();
-    mq_uninit();
-    zlog_fini();
-    uninit_config_system();
-    uv_loop_close(get_task_manager());
+    if (g_isInited) {
+        task_manager_exit();
+        free_http_server();
+        mq_uninit();
+        zlog_fini();
+        uninit_config_system();
+        uv_loop_close(get_task_manager());
+    }
 }
diff --git a/srcs/libs/misc/misc.c b/srcs/libs/misc/misc.c
index 56fb0c8..11866f5 100644
--- a/srcs/libs/misc/misc.c
+++ b/srcs/libs/misc/misc.c
@@ -11,6 +11,7 @@
 #include <linux/if.h>
 #include <sys/ioctl.h>
 #include <linux/if_ether.h>
+#include <sys/time.h>
 
 #include "user_errno.h"
 #include "misc.h"
@@ -154,6 +155,12 @@ const char *get_cur_process_dir() {
     return (const char *)g_exePath;
 }
 
+unsigned long long get_current_time_ms() {
+    struct timeval tv;
+    gettimeofday(&tv, NULL);
+    return tv.tv_sec * 1000 + tv.tv_usec / 1000;
+}
+
 int str_to_mac(const char *str, unsigned char mac[6]) {
     int   i;
     char *s, *e;
diff --git a/srcs/libs/protocol/protocol.c b/srcs/libs/protocol/protocol.c
new file mode 100644
index 0000000..05f4ef7
--- /dev/null
+++ b/srcs/libs/protocol/protocol.c
@@ -0,0 +1,100 @@
+//
+// Created by xajhuang on 2022/12/2.
+//
+#include <zlog.h>
+#include <string.h>
+
+#include "config.h"
+#include "misc.h"
+
+#include "proto.h"
+#include "crypto.h"
+#include "user_errno.h"
+
+#define CURRENT_PROTOCOL_VERSION (1)
+
+typedef struct {
+    unsigned int       ver;
+    unsigned int       cryptoType;
+    unsigned long long timeStamp;
+    unsigned int       code;
+    cJSON             *msgContend;
+} PROTOCOL_WARP, *PPROTOCOL_WARP;
+
+const char *proto_create_new(cJSON *pMsgCtx, int rspCode) {
+    const char   *pStrProto;
+    cJSON        *pRoot;
+    PROTOCOL_WARP pro = {.ver        = CURRENT_PROTOCOL_VERSION,
+                         .cryptoType = config_get_proto_crypto_type(),
+                         .timeStamp  = get_current_time_ms(),
+                         .code       = rspCode};
+
+    pRoot = cJSON_CreateObject();
+
+    if (pRoot == NULL) {
+        return NULL;
+    }
+
+    cJSON_AddNumberToObject(pRoot, "ver", pro.ver);
+    cJSON_AddNumberToObject(pRoot, "cryptoType", pro.cryptoType);
+    cJSON_AddNumberToObject(pRoot, "timeStamp", (double)pro.timeStamp);
+    cJSON_AddNumberToObject(pRoot, "code", pro.code);
+
+    if (pMsgCtx == NULL) {
+        pro.msgContend = cJSON_CreateObject();
+    }
+
+    switch (pro.cryptoType) {
+        case CRYPTO_NONE:
+            cJSON_AddItemToObject(pRoot, "msgContent", pro.msgContend);
+            break;
+        case CRYPTO_BASE64: {
+            const char *pStrMsg = cJSON_Print(pro.msgContend);
+            const char *base64  = base64_encode((unsigned char *)pStrMsg, strlen(pStrMsg));
+            cJSON_AddStringToObject(pRoot, "msgContent", base64);
+            free((void *)base64);
+        } break;
+        case CRYPTO_AES128:
+        case CRYPTO_AES256:
+        case CRYPTO_3DES: {
+            int            cryptoType, ret;
+            const char    *base64;
+            unsigned char *buf;
+            int            outSize = 0;
+            const char    *pStrMsg = cJSON_Print(pro.msgContend);
+            const char    *pKey    = config_get_proto_crypto_key();
+
+            if (pro.cryptoType == CRYPTO_AES128) {
+                cryptoType = DES3_ECB_PKCS7PADDING;
+            } else if (pro.cryptoType == CRYPTO_AES256) {
+                cryptoType = AES256_ECB_PKCS7PADDING;
+            } else {
+                cryptoType = AES128_ECB_PKCS7PADDING;
+            }
+
+            ret = symmetric_encrypto(cryptoType, (unsigned char *)pStrMsg, strlen(pStrMsg), &buf, &outSize, pKey);
+
+            if (ret != ERR_SUCCESS) {
+                dzlog_error("Unsupported protocol crypto : %d, Used default algorithm BASE64\n", cryptoType);
+                base64         = base64_encode((unsigned char *)pStrMsg, strlen(pStrMsg));
+                pro.cryptoType = CRYPTO_BASE64;
+            } else {
+                base64 = base64_encode((unsigned char *)buf, outSize);
+            }
+
+            cJSON_AddStringToObject(pRoot, "msgContent", base64);
+            free((void *)base64);
+        } break;
+        default:
+            dzlog_error("Unsupported protocol crypto algorithms: %d, Used default algorithm BASE64\n", pro.cryptoType);
+            cJSON_Delete(pRoot);
+            return NULL;
+    }
+
+    pStrProto = cJSON_Print(pRoot);
+    dzlog_debug("Create: %s\n", pStrProto);
+
+    cJSON_Delete(pRoot);
+
+    return pStrProto;
+}
\ No newline at end of file
diff --git a/srcs/open_dhcp/query.cpp b/srcs/open_dhcp/query.cpp
index f626a51..7e45333 100644
--- a/srcs/open_dhcp/query.cpp
+++ b/srcs/open_dhcp/query.cpp
@@ -272,16 +272,16 @@ static void expand_range_set(data19 *req, const char *pRequest) {
         return;
     }
 
-    fp       = req->dp;
-    pRspRoot = cJSON_CreateObject();
+    fp           = req->dp;
+    pRspRoot     = cJSON_CreateObject();
     pExpandArray = cJSON_CreateArray();
     cJSON_AddItemToObject(pRspRoot, "expansion", pExpandArray);
 
     for (int i = 0; i < cJSON_GetArraySize(prange_set); i++) {
         char   tempbuff[512];
-        cJSON *pItem    = cJSON_GetArrayItem(prange_set, i);
+        cJSON *pItem       = cJSON_GetArrayItem(prange_set, i);
         cJSON *pdhcp_range = cJSON_GetObjectItem(pItem, "dhcp_range");
-        cJSON *pEx_range = cJSON_CreateObject();
+        cJSON *pEx_range   = cJSON_CreateObject();
 
         if (!pdhcp_range) {
             cJSON_Delete(pRoot);
@@ -630,9 +630,9 @@ void opendhcp_init_http_server() {
 
     if (!added) {
         hw_http_add_route("/", opendhcp_http_info, nullptr);
-        hw_http_add_route("getuser", opendhcp_http_get_userinfo, nullptr);
-        hw_http_add_route("allusers", opendhcp_http_get_alluser, nullptr);
-        hw_http_add_route("expansion", opendhcp_http_expand_rangeset, nullptr);
+        hw_http_add_route("dchp/info/getuser", opendhcp_http_get_userinfo, nullptr);
+        hw_http_add_route("dchp/info/allusers", opendhcp_http_get_alluser, nullptr);
+        hw_http_add_route("dchp/config/rangeset", opendhcp_http_expand_rangeset, nullptr);
         added = TRUE;
     }
 }
\ No newline at end of file
diff --git a/srcs/vcpe_main.c b/srcs/vcpe_main.c
index 897d279..2254320 100644
--- a/srcs/vcpe_main.c
+++ b/srcs/vcpe_main.c
@@ -15,6 +15,7 @@
 
 #ifdef OPENDHCPD_ON
 #include "user_errno.h"
+#include "proto.h"
 #endif
 
 #ifdef OPENDHCPDDNS_ON
@@ -70,6 +71,8 @@ int main(int argc, char **argv) {
     pppoe_session_init();
 #endif
 
+    proto_create_new(NULL, 0);
+
     task_manager_run();
 
     while(!is_system_cleanup()) {