diff options
| author | Viacheslav <v.gletenko@vyos.io> | 2021-10-26 20:34:48 +0000 |
|---|---|---|
| committer | Viacheslav <v.gletenko@vyos.io> | 2021-10-26 20:34:48 +0000 |
| commit | 0e0565b83909784abcf5858f8ea178ded98debb0 (patch) | |
| tree | 1c20798a0d57375df331a8cd80419f89e24baf82 | |
| parent | 8c8fe9b6f91d0a0b6c56b9e7a31b8f71dca75272 (diff) | |
| download | vyos-1x-0e0565b83909784abcf5858f8ea178ded98debb0.tar.gz vyos-1x-0e0565b83909784abcf5858f8ea178ded98debb0.zip | |
op-mode: T3942: Add feature generate IPSec debug-archive
| -rw-r--r-- | op-mode-definitions/generate-ipsec-debug-archive.xml.in | 20 | ||||
| -rwxr-xr-x | src/op_mode/generate_ipsec_debug_archive.sh | 36 |
2 files changed, 56 insertions, 0 deletions
diff --git a/op-mode-definitions/generate-ipsec-debug-archive.xml.in b/op-mode-definitions/generate-ipsec-debug-archive.xml.in new file mode 100644 index 000000000..ecd7108c4 --- /dev/null +++ b/op-mode-definitions/generate-ipsec-debug-archive.xml.in @@ -0,0 +1,20 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="generate"> + <children> + <node name="ipsec"> + <properties> + <help>Generate IPsec archives</help> + </properties> + <children> + <node name="debug-archive"> + <properties> + <help>Generate IPSec debug-archive</help> + </properties> + <command>${vyos_op_scripts_dir}/generate_ipsec_debug_archive.sh</command> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/src/op_mode/generate_ipsec_debug_archive.sh b/src/op_mode/generate_ipsec_debug_archive.sh new file mode 100755 index 000000000..53d0a6eaa --- /dev/null +++ b/src/op_mode/generate_ipsec_debug_archive.sh @@ -0,0 +1,36 @@ +#!/usr/bin/env bash + +# Collecting IPSec Debug Information + +DATE=`date +%d-%m-%Y` + +a_CMD=( + "sudo ipsec status" + "sudo swanctl -L" + "sudo swanctl -l" + "sudo swanctl -P" + "sudo ip x sa show" + "sudo ip x policy show" + "sudo ip tunnel show" + "sudo ip address" + "sudo ip rule show" + "sudo ip route" + "sudo ip route show table 220" + ) + + +echo "DEBUG: ${DATE} on host \"$(hostname)\"" > /tmp/ipsec-status-${DATE}.txt +date >> /tmp/ipsec-status-${DATE}.txt + +# Execute all DEBUG commands and save it to file +for cmd in "${a_CMD[@]}"; do + echo -e "\n### ${cmd} ###" >> /tmp/ipsec-status-${DATE}.txt + ${cmd} >> /tmp/ipsec-status-${DATE}.txt 2>/dev/null +done + +# Collect charon logs, build .tgz archive +sudo journalctl /usr/lib/ipsec/charon > /tmp/journalctl-charon-${DATE}.txt && \ +sudo tar -zcvf /tmp/ipsec-debug-${DATE}.tgz /tmp/journalctl-charon-${DATE}.txt /tmp/ipsec-status-${DATE}.txt >& /dev/null +sudo rm -f /tmp/journalctl-charon-${DATE}.txt /tmp/ipsec-status-${DATE}.txt + +echo "Debug file is generated and located in /tmp/ipsec-debug-${DATE}.tgz" |