diff options
author | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-09-18 14:07:24 +0000 |
---|---|---|
committer | Nicolas Fort <nicolasfort1988@gmail.com> | 2024-09-18 14:07:24 +0000 |
commit | 38511df4b376f8ec5eee9af55df92f96cab0a0cf (patch) | |
tree | 1f56d47d88ad7fef0c95a2e79d75c9f8c564cd88 /op-mode-definitions/show-log.xml.in | |
parent | 4d5cba6ca072340e2ee577c85b6ec5e7e933b0b0 (diff) | |
download | vyos-1x-38511df4b376f8ec5eee9af55df92f96cab0a0cf.tar.gz vyos-1x-38511df4b376f8ec5eee9af55df92f96cab0a0cf.zip |
T6723: firewall: extend op-mode commands <show firewall ..> and a <show log firewall ..> in order to match all chains/priorities
Diffstat (limited to 'op-mode-definitions/show-log.xml.in')
-rwxr-xr-x[-rw-r--r--] | op-mode-definitions/show-log.xml.in | 125 |
1 files changed, 125 insertions, 0 deletions
diff --git a/op-mode-definitions/show-log.xml.in b/op-mode-definitions/show-log.xml.in index f0fad63d2..c2504686d 100644..100755 --- a/op-mode-definitions/show-log.xml.in +++ b/op-mode-definitions/show-log.xml.in @@ -172,6 +172,81 @@ </node> </children> </node> + <node name="input"> + <properties> + <help>Show Bridge input firewall log</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep bri-INP</command> + <children> + <node name="filter"> + <properties> + <help>Show Bridge firewall input filter</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep bri-INP-filter</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show log for a rule in the specified firewall</help> + <completionHelp> + <path>firewall bridge input filter rule</path> + </completionHelp> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[bri-INP-filter-$8-[ADRJC]\]"</command> + </tagNode> + </children> + </node> + </children> + </node> + <node name="output"> + <properties> + <help>Show Bridge output firewall log</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep bri-OUT</command> + <children> + <node name="filter"> + <properties> + <help>Show Bridge firewall output filter</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep bri-OUT-filter</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show log for a rule in the specified firewall</help> + <completionHelp> + <path>firewall bridge output filter rule</path> + </completionHelp> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[bri-OUT-filter-$8-[ADRJC]\]"</command> + </tagNode> + </children> + </node> + </children> + </node> + <node name="prerouting"> + <properties> + <help>Show Bridge prerouting firewall log</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep bri-PRE</command> + <children> + <node name="filter"> + <properties> + <help>Show Bridge firewall prerouting filter</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep bri-PRE-filter</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show log for a rule in the specified firewall</help> + <completionHelp> + <path>firewall bridge prerouting filter rule</path> + </completionHelp> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[bri-PRE-filter-$8-[ADRJC]\]"</command> + </tagNode> + </children> + </node> + </children> + </node> <tagNode name="name"> <properties> <help>Show custom Bridge firewall log</help> @@ -295,6 +370,31 @@ </node> </children> </node> + <node name="prerouting"> + <properties> + <help>Show firewall IPv4 prerouting log</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep ipv4-PRE</command> + <children> + <node name="raw"> + <properties> + <help>Show firewall IPv4 prerouting raw log</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep ipv4-PRE-raw</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show log for a rule in the specified firewall</help> + <completionHelp> + <path>firewall ipv4 prerouting raw rule</path> + </completionHelp> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[ipv4-PRE-raw-$8-[ADRJC]\]"</command> + </tagNode> + </children> + </node> + </children> + </node> </children> </node> <node name="ipv6"> @@ -398,6 +498,31 @@ </node> </children> </node> + <node name="prerouting"> + <properties> + <help>Show firewall IPv6 prerouting log</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep ipv6-PRE</command> + <children> + <node name="raw"> + <properties> + <help>Show firewall IPv6 prerouting raw log</help> + </properties> + <command>journalctl --no-hostname --boot -k | grep ipv6-PRE-raw</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show log for a rule in the specified firewall</help> + <completionHelp> + <path>firewall ipv6 prerouting raw rule</path> + </completionHelp> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[ipv6-PRE-raw-$8-[ADRJC]\]"</command> + </tagNode> + </children> + </node> + </children> + </node> </children> </node> </children> |