summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-10-29 19:09:41 +0200
committerGitHub <noreply@github.com>2021-10-29 19:09:41 +0200
commit25fea6d05b378792fde1effc757fc8922253251e (patch)
treea7d7f9035d8177e915ad1a78ec9f6da12335e904
parent9d0d4b9d6dd2adaa80365d6049f643eac767395c (diff)
parent6650524e39896e950a80a45ab042d6fbfdf2da15 (diff)
downloadvyos-1x-25fea6d05b378792fde1effc757fc8922253251e.tar.gz
vyos-1x-25fea6d05b378792fde1effc757fc8922253251e.zip
Merge pull request #1053 from sever-sever/T3942-crux
op-mode: T3942: Add generate IPSec debug-archive
-rw-r--r--op-mode-definitions/generate-ipsec-debug-archive.xml20
-rwxr-xr-xsrc/op_mode/generate_ipsec_debug_archive.sh36
2 files changed, 56 insertions, 0 deletions
diff --git a/op-mode-definitions/generate-ipsec-debug-archive.xml b/op-mode-definitions/generate-ipsec-debug-archive.xml
new file mode 100644
index 000000000..ecd7108c4
--- /dev/null
+++ b/op-mode-definitions/generate-ipsec-debug-archive.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="generate">
+ <children>
+ <node name="ipsec">
+ <properties>
+ <help>Generate IPsec archives</help>
+ </properties>
+ <children>
+ <node name="debug-archive">
+ <properties>
+ <help>Generate IPSec debug-archive</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/generate_ipsec_debug_archive.sh</command>
+ </node>
+ </children>
+ </node>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/src/op_mode/generate_ipsec_debug_archive.sh b/src/op_mode/generate_ipsec_debug_archive.sh
new file mode 100755
index 000000000..53d0a6eaa
--- /dev/null
+++ b/src/op_mode/generate_ipsec_debug_archive.sh
@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+
+# Collecting IPSec Debug Information
+
+DATE=`date +%d-%m-%Y`
+
+a_CMD=(
+ "sudo ipsec status"
+ "sudo swanctl -L"
+ "sudo swanctl -l"
+ "sudo swanctl -P"
+ "sudo ip x sa show"
+ "sudo ip x policy show"
+ "sudo ip tunnel show"
+ "sudo ip address"
+ "sudo ip rule show"
+ "sudo ip route"
+ "sudo ip route show table 220"
+ )
+
+
+echo "DEBUG: ${DATE} on host \"$(hostname)\"" > /tmp/ipsec-status-${DATE}.txt
+date >> /tmp/ipsec-status-${DATE}.txt
+
+# Execute all DEBUG commands and save it to file
+for cmd in "${a_CMD[@]}"; do
+ echo -e "\n### ${cmd} ###" >> /tmp/ipsec-status-${DATE}.txt
+ ${cmd} >> /tmp/ipsec-status-${DATE}.txt 2>/dev/null
+done
+
+# Collect charon logs, build .tgz archive
+sudo journalctl /usr/lib/ipsec/charon > /tmp/journalctl-charon-${DATE}.txt && \
+sudo tar -zcvf /tmp/ipsec-debug-${DATE}.tgz /tmp/journalctl-charon-${DATE}.txt /tmp/ipsec-status-${DATE}.txt >& /dev/null
+sudo rm -f /tmp/journalctl-charon-${DATE}.txt /tmp/ipsec-status-${DATE}.txt
+
+echo "Debug file is generated and located in /tmp/ipsec-debug-${DATE}.tgz"