diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-10-29 19:09:41 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-10-29 19:09:41 +0200 |
commit | 25fea6d05b378792fde1effc757fc8922253251e (patch) | |
tree | a7d7f9035d8177e915ad1a78ec9f6da12335e904 | |
parent | 9d0d4b9d6dd2adaa80365d6049f643eac767395c (diff) | |
parent | 6650524e39896e950a80a45ab042d6fbfdf2da15 (diff) | |
download | vyos-1x-25fea6d05b378792fde1effc757fc8922253251e.tar.gz vyos-1x-25fea6d05b378792fde1effc757fc8922253251e.zip |
Merge pull request #1053 from sever-sever/T3942-crux
op-mode: T3942: Add generate IPSec debug-archive
-rw-r--r-- | op-mode-definitions/generate-ipsec-debug-archive.xml | 20 | ||||
-rwxr-xr-x | src/op_mode/generate_ipsec_debug_archive.sh | 36 |
2 files changed, 56 insertions, 0 deletions
diff --git a/op-mode-definitions/generate-ipsec-debug-archive.xml b/op-mode-definitions/generate-ipsec-debug-archive.xml new file mode 100644 index 000000000..ecd7108c4 --- /dev/null +++ b/op-mode-definitions/generate-ipsec-debug-archive.xml @@ -0,0 +1,20 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="generate"> + <children> + <node name="ipsec"> + <properties> + <help>Generate IPsec archives</help> + </properties> + <children> + <node name="debug-archive"> + <properties> + <help>Generate IPSec debug-archive</help> + </properties> + <command>${vyos_op_scripts_dir}/generate_ipsec_debug_archive.sh</command> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/src/op_mode/generate_ipsec_debug_archive.sh b/src/op_mode/generate_ipsec_debug_archive.sh new file mode 100755 index 000000000..53d0a6eaa --- /dev/null +++ b/src/op_mode/generate_ipsec_debug_archive.sh @@ -0,0 +1,36 @@ +#!/usr/bin/env bash + +# Collecting IPSec Debug Information + +DATE=`date +%d-%m-%Y` + +a_CMD=( + "sudo ipsec status" + "sudo swanctl -L" + "sudo swanctl -l" + "sudo swanctl -P" + "sudo ip x sa show" + "sudo ip x policy show" + "sudo ip tunnel show" + "sudo ip address" + "sudo ip rule show" + "sudo ip route" + "sudo ip route show table 220" + ) + + +echo "DEBUG: ${DATE} on host \"$(hostname)\"" > /tmp/ipsec-status-${DATE}.txt +date >> /tmp/ipsec-status-${DATE}.txt + +# Execute all DEBUG commands and save it to file +for cmd in "${a_CMD[@]}"; do + echo -e "\n### ${cmd} ###" >> /tmp/ipsec-status-${DATE}.txt + ${cmd} >> /tmp/ipsec-status-${DATE}.txt 2>/dev/null +done + +# Collect charon logs, build .tgz archive +sudo journalctl /usr/lib/ipsec/charon > /tmp/journalctl-charon-${DATE}.txt && \ +sudo tar -zcvf /tmp/ipsec-debug-${DATE}.tgz /tmp/journalctl-charon-${DATE}.txt /tmp/ipsec-status-${DATE}.txt >& /dev/null +sudo rm -f /tmp/journalctl-charon-${DATE}.txt /tmp/ipsec-status-${DATE}.txt + +echo "Debug file is generated and located in /tmp/ipsec-debug-${DATE}.tgz" |