-rw-r--r-- | Makefile | 1 | ||||
-rw-r--r-- | debian/control | 1 | ||||
-rw-r--r-- | op-mode-definitions/show-interfaces-ethernet.xml | 47 | ||||
-rw-r--r-- | op-mode-definitions/show-license.xml | 13 | ||||
-rw-r--r-- | op-mode-definitions/show-log.xml | 218 | ||||
-rw-r--r-- | op-mode-definitions/show-login.xml | 33 | ||||
-rw-r--r-- | op-mode-definitions/show-monitoring.xml | 13 | ||||
-rw-r--r-- | op-mode-definitions/show-poweroff.xml | 13 | ||||
-rw-r--r-- | op-mode-definitions/show-reboot.xml | 13 | ||||
-rw-r--r-- | python/vyos/ifconfig/pppoe.py | 10 | ||||
-rw-r--r-- | python/vyos/ifconfig/vtun.py | 12 | ||||
-rwxr-xr-x | scripts/build-command-templates | 3 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-bonding.py | 19 | ||||
-rwxr-xr-x | src/op_mode/show_current_user.sh | 18 |
14 files changed, 399 insertions, 15 deletions
@@ -98,7 +98,6 @@ op_mode_definitions: rm -f $(OP_TMPL_DIR)/monitor/node.def rm -f $(OP_TMPL_DIR)/generate/node.def rm -f $(OP_TMPL_DIR)/show/system/node.def - rm -f $(OP_TMPL_DIR)/show/log/node.def rm -f $(OP_TMPL_DIR)/show/vpn/node.def rm -f $(OP_TMPL_DIR)/delete/node.def rm -f $(OP_TMPL_DIR)/reset/vpn/node.def diff --git a/debian/control b/debian/control index bb6116251..85dd919a5 100644 --- a/debian/control +++ b/debian/control @@ -41,7 +41,6 @@ Depends: python3, easy-rsa, ipaddrcheck, tcpdump, - tshark, isc-dhcp-client, wide-dhcpv6-client, bmon, diff --git a/op-mode-definitions/show-interfaces-ethernet.xml b/op-mode-definitions/show-interfaces-ethernet.xml new file mode 100644 index 000000000..63afe8248 --- /dev/null +++ b/op-mode-definitions/show-interfaces-ethernet.xml 
@@ -0,0 +1,47 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="show">
+ <children>
+ <node name="interfaces">
+ <children>
+ <tagNode name="ethernet">
+ <properties>
+ <help>Show ethernet interface information</help>
+ <completionHelp>
+ <path>interfaces ethernet</path>
+ </completionHelp>
+ </properties>
+ <children>
+ <node name="physical">
+ <properties>
+ <help>Show physical device information for specified ethernet interface</help>
+ </properties>
+ <command>/sbin/ethtool "$4"; /sbin/ethtool -i "$4"</command>
+ <children>
+ <leafNode name="offload">
+ <properties>
+ <help>Show physical device offloading capabilities</help>
+ </properties>
+ <command>/sbin/ethtool -k "$4"</command>
+ </leafNode>
+ </children>
+ </node>
+ <leafNode name="statistics">
+ <properties>
+ <help>Show physical device statistics for specified ethernet interface</help>
+ </properties>
+ <command>/sbin/ethtool -S "$4"</command>
+ </leafNode>
+ <leafNode name="transceiver">
+ <properties>
+ <help>Show transceiver information from modules (e.g SFP+, QSFP)</help>
+ </properties>
+ <command>/sbin/ethtool -m "$4"</command>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/op-mode-definitions/show-license.xml b/op-mode-definitions/show-license.xml
new file mode 100644
index 000000000..2ce11567d
--- /dev/null
+++ b/op-mode-definitions/show-license.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="show">
+ <children>
+ <leafNode name="license">
+ <properties>
+ <help>Show VyOS license information</help>
+ </properties>
+ <command>less $_vyatta_less_options --prompt=".license, page %dt of %D" -- ${vyatta_sysconfdir}/LICENSE</command>
+ </leafNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/op-mode-definitions/show-log.xml b/op-mode-definitions/show-log.xml
new file mode 100644
index 000000000..0c4da647b
--- /dev/null
+++ b/op-mode-definitions/show-log.xml
@@ -0,0 +1,218 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="show">
+ <children>
+ <node name="log">
+ <properties>
+ <help>Show contents of current master log file</help>
+ </properties>
+ <command>/bin/journalctl</command>
+ <children>
+ <leafNode name="all">
+ <properties>
+ <help>Show contents of all master log files</help>
+ </properties>
+ <command>eval $(lesspipe); less $_vyatta_less_options --prompt=".log?m, file %i of %m., page %dt of %D" -- `printf "%s\n" /var/log/messages* | sort -nr`</command>
+ </leafNode>
+ <leafNode name="authorization">
+ <properties>
+ <help>Show listing of authorization attempts</help>
+ </properties>
+ <command>/bin/journalctl -q SYSLOG_FACILITY=10 SYSLOG_FACILITY=4</command>
+ </leafNode>
+ <leafNode name="cluster">
+ <properties>
+ <help>Show log for Cluster</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e heartbeat -e cl_status -e mach_down -e ha_log</command>
+ </leafNode>
+ <leafNode name="conntrack-sync">
+ <properties>
+ <help>Show log for Conntrack-sync</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr ) | grep -e conntrackd</command>
+ </leafNode>
+ <leafNode name="dhcp">
+ <properties>
+ <help>Show log for Dynamic Host Control Protocol (DHCP)</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep dhcpd</command>
+ </leafNode>
+ <node name="firewall">
+ <properties>
+ <help>Show log for Firewall</help>
+ </properties>
+ <children>
+ <tagNode name="ipv6-name">
+ <properties>
+ <help>Show log for a specified firewall (IPv6)</help>
+ <completionHelp>
+ <path>firewall ipv6-name</path>
+ </completionHelp>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr ) | egrep "\[$5-([0-9]+|default)-[ADR]\]"</command>
+ <children>
+ <tagNode name="rule">
+ <properties>
+ <help>Show log for a rule in the specified firewall</help>
+ <completionHelp>
+ <path>firewall ipv6-name
${COMP_WORDS[4]} rule</path>
+ </completionHelp>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e "\[$5-$7-[ADR]\]"</command>
+ </tagNode>
+ </children>
+ </tagNode>
+ <tagNode name="name">
+ <properties>
+ <help>Show log for a specified firewall (IPv4)</help>
+ <completionHelp>
+ <path>firewall name</path>
+ </completionHelp>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr ) | egrep "\[$5-([0-9]+|default)-[ADR]\]"</command>
+ <children>
+ <tagNode name="rule">
+ <properties>
+ <help>Show log for a rule in the specified firewall</help>
+ <completionHelp>
+ <path>firewall name ${COMP_WORDS[4]} rule</path>
+ </completionHelp>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | egrep "\[$5-$7-[ADR]\]"</command>
+ </tagNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ <leafNode name="https">
+ <properties>
+ <help>Show log for HTTPs</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e nginx</command>
+ </leafNode>
+ <tagNode name="image">
+ <properties>
+ <help>Show contents of master log file for image</help>
+ <completionHelp>
+ <script>compgen -f /lib/live/mount/persistence/boot/ | grep -v grub | sed -e s@/lib/live/mount/persistence/boot/@@</script>
+ </completionHelp>
+ </properties>
+ <command>less $_vyatta_less_options --prompt=".log, page %dt of %D" -- /lib/live/mount/persistence/boot/$4/rw/var/log/messages</command>
+ <children>
+ <leafNode name="all">
+ <properties>
+ <help>Show contents of all master log files for image</help>
+ </properties>
+ <command>eval $(lesspipe); less $_vyatta_less_options --prompt=".log?m, file %i of %m., page %dt of %D" -- `printf "%s\n" /lib/live/mount/persistence/boot/$4/rw/var/log/messages* | sort -nr`</command>
+ </leafNode>
+ <leafNode name="authorization">
+ <properties>
+ <help>Show listing of authorization attempts for image</help>
+ </properties>
+ <command>less
$_vyatta_less_options --prompt=".log, page %dt of %D" -- /lib/live/mount/persistence/boot/$4/rw/var/log/auth.log</command>
+ </leafNode>
+ <tagNode name="tail">
+ <properties>
+ <help>Show last changes to messages</help>
+ <completionHelp>
+ <list><NUMBER></list>
+ </completionHelp>
+ </properties>
+ <command>tail -n "$6" /lib/live/mount/persistence/boot/$4/rw/var/log/messages | ${VYATTA_PAGER:-cat}</command>
+ </tagNode>
+ </children>
+ </tagNode>
+ <leafNode name="lldp">
+ <properties>
+ <help>Show log for LLDP</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e lldpd</command>
+ </leafNode>
+ <leafNode name="nat">
+ <properties>
+ <help>Show log for Network Address Translation (NAT)</help>
+ </properties>
+ <command>egrep -i "kernel:.*\[NAT-[A-Z]{3,}-[0-9]+(-MASQ)?\]" $(find /var/log -maxdepth 1 -type f -name messages\* | sort -t. -k2nr)</command>
+ </leafNode>
+ <leafNode name="nat">
+ <properties>
+ <help>Show log for OpenVPN</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e openvpn</command>
+ </leafNode>
+ <leafNode name="snmp">
+ <properties>
+ <help>Show log for Simple Network Monitoring Protocol (SNMP)</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e snmpd</command>
+ </leafNode>
+ <tagNode name="tail">
+ <properties>
+ <help>Show last n changes to messages</help>
+ <completionHelp>
+ <list><NUMBER></list>
+ </completionHelp>
+ </properties>
+ <command>tail -n "$4" /var/log/messages | ${VYATTA_PAGER:-cat}</command>
+ </tagNode>
+ <node name="tail">
+ <properties>
+ <help>Show last 10 lines of /var/log/messages file</help>
+ </properties>
+ <command>tail -n 10 /var/log/messages</command>
+ </node>
+ <node name="vpn">
+ <properties>
+ <help>Show log for Virtual Private Network (VPN)</help>
+ </properties>
+ <children>
+ <leafNode name="all">
+ <properties>
+ <help>Show log for ALL</help>
+ </properties>
+ <command>cat
$(printf "%s\n" /var/log/messages* | sort -nr) | grep -e charon -e accel -e pptpd -e ppp</command>
+ </leafNode>
+ <leafNode name="ipsec">
+ <properties>
+ <help>Show log for IPSec</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e charon</command>
+ </leafNode>
+ <leafNode name="l2tp">
+ <properties>
+ <help>Show log for L2TP</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e remote-access-aaa-win -e remote-access-zzz-mac -e accel-l2tp -e ppp</command>
+ </leafNode>
+ <leafNode name="pptp">
+ <properties>
+ <help>Show log for PPTP</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e accel-pptp -e ppp</command>
+ </leafNode>
+ <leafNode name="sstp">
+ <properties>
+ <help>Show log for SSTP</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e accel-sstp -e ppp</command>
+ </leafNode>
+ </children>
+ </node>
+ <leafNode name="vrrp">
+ <properties>
+ <help>Show log for Virtual Router Redundancy Protocol (VRRP)</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e Keepalived_vrrp</command>
+ </leafNode>
+ <leafNode name="webproxy">
+ <properties>
+ <help>Show log for Webproxy</help>
+ </properties>
+ <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e "squid"</command>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/op-mode-definitions/show-login.xml b/op-mode-definitions/show-login.xml
new file mode 100644
index 000000000..6d8c782c4
--- /dev/null
+++ b/op-mode-definitions/show-login.xml
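Review bot: The `image` nodes splice the operator-supplied word `$4` unquoted into a filesystem path (`/lib/live/mount/persistence/boot/$4/rw/var/log/messages`, and again in its `all`, `authorization` and `tail` children), so a value containing `/`, `..`, whitespace or glob characters changes which file `less` or `tail` opens; the completion script only suggests names and, as far as this hunk shows, nothing validates the word. Quote the path and reject anything that is not a plain image name before the pager runs, for example `"/lib/live/mount/persistence/boot/$4/rw/var/log/messages"` behind a check that `$4` contains no `/`. The firewall nodes likewise place `$5` and `$7` inside an `egrep` pattern, where regex metacharacters in the word are interpreted rather than matched literally. Separately, `<leafNode name="nat">` appears twice: the second one carries the help text "Show log for OpenVPN" and greps for `openvpn`, so it presumably should be `<leafNode name="openvpn">`.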
@@ -0,0 +1,33 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="show">
+ <children>
+ <node name="login">
+ <properties>
+ <help>Show current login credentials</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/show_current_user.sh</command>
+ <children>
+ <leafNode name="groups">
+ <properties>
+ <help>Show current login group information</help>
+ </properties>
+ <command>/usr/bin/id -Gn</command>
+ </leafNode>
+ <leafNode name="level">
+ <properties>
+ <help>Show current login level</help>
+ </properties>
+ <command>if [ -n "$VYATTA_USER_LEVEL_DIR" ]; then basename $VYATTA_USER_LEVEL_DIR; fi</command>
+ </leafNode>
+ <leafNode name="user">
+ <properties>
+ <help>Show current login user id</help>
+ </properties>
+ <command>/usr/bin/id -un</command>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/op-mode-definitions/show-monitoring.xml b/op-mode-definitions/show-monitoring.xml
new file mode 100644
index 000000000..2651b3438
--- /dev/null
+++ b/op-mode-definitions/show-monitoring.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="show">
+ <children>
+ <leafNode name="monitoring">
+ <properties>
+ <help>Show currently monitored services</help>
+ </properties>
+ <command>vtysh -c "show debugging"</command>
+ </leafNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/op-mode-definitions/show-poweroff.xml b/op-mode-definitions/show-poweroff.xml
new file mode 100644
index 000000000..1fd2afcc3
--- /dev/null
+++ b/op-mode-definitions/show-poweroff.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+ <node name="show">
+ <children>
+ <leafNode name="poweroff">
+ <properties>
+ <help>Show scheduled poweroff</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/powerctrl.py --check</command>
+ </leafNode>
+ </children>
+ </node>
+</interfaceDefinition>
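Review bot: `basename $VYATTA_USER_LEVEL_DIR` in the `level` leaf of show-login.xml expands the variable unquoted, so a value with whitespace or glob characters is split into several arguments before `basename` sees it; the `-n` test just before it is quoted, the use is not. Write `basename -- "$VYATTA_USER_LEVEL_DIR"`. The same unquoted call appears in the new src/op_mode/show_current_user.sh hunk. That script also calls `who` and `id` by bare name while this file uses `/usr/bin/id`; settling on one convention, preferably the absolute path, keeps the output independent of the caller's PATH.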
diff --git a/op-mode-definitions/show-reboot.xml b/op-mode-definitions/show-reboot.xml new file mode 100644 index 000000000..c85966bcb --- /dev/null +++ b/op-mode-definitions/show-reboot.xml @@ -0,0 +1,13 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="show"> + <children> + <leafNode name="reboot"> + <properties> + <help>Show scheduled reboot</help> + </properties> + <command>${vyos_op_scripts_dir}/powerctrl.py --check</command> + </leafNode> + </children> + </node> +</interfaceDefinition> diff --git a/python/vyos/ifconfig/pppoe.py b/python/vyos/ifconfig/pppoe.py index 7504408cf..787245696 100644 --- a/python/vyos/ifconfig/pppoe.py +++ b/python/vyos/ifconfig/pppoe.py @@ -30,4 +30,12 @@ class PPPoEIf(Interface): }, } - # The _create and _delete need to be moved from interface-ppoe to here + # stub this interface is created in the configure script + + def _create(self): + # we can not create this interface as it is managed outside + pass + + def _delete(self): + # we can not create this interface as it is managed outside + pass diff --git a/python/vyos/ifconfig/vtun.py b/python/vyos/ifconfig/vtun.py index 07d39fcbb..60c178b9a 100644 --- a/python/vyos/ifconfig/vtun.py +++ b/python/vyos/ifconfig/vtun.py @@ -31,4 +31,14 @@ class VTunIf(Interface): }, } - # The _create and _delete need to be moved from interface-ppoe to here + # stub this interface is created in the configure script + + def _create(self): + # we can not create this interface as it is managed outside + # it requires configuring OpenVPN + pass + + def _delete(self): + # we can not create this interface as it is managed outside + # it requires configuring OpenVPN + pass diff --git a/scripts/build-command-templates b/scripts/build-command-templates index 767517b29..457adbec2 100755 --- a/scripts/build-command-templates +++ b/scripts/build-command-templates 
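Review bot: The comment inside `PPPoEIf._delete` says "we can not create this interface" although the method is the delete path, and the same copy-paste is in `VTunIf._delete` in the vtun.py hunk. Reword both to something like `# nothing to delete here: the interface is managed outside (see the configure script)`, and give the four stubs a one-line docstring stating that they are intentional no-ops, since a caller that expects `_create()` to leave an interface behind gets no error from `pass`. The class-level comment `# stub this interface is created in the configure script` would read better as `# Stub: this interface is created by the configure script`. Both class bodies start outside their hunks.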
@@ -249,7 +249,8 @@ def process_node(n, tmpl_dir): my_tmpl_dir.append(name) - print("Name of the node: {0}. Created directory: {1}\n".format(name, "/".join(my_tmpl_dir)), end="") + if debug: + print("Name of the node: {0}. Created directory: {1}\n".format(name, "/".join(my_tmpl_dir)), end="") os.makedirs(make_path(my_tmpl_dir), exist_ok=True) props = get_properties(props_elem) diff --git a/src/conf_mode/interfaces-bonding.py b/src/conf_mode/interfaces-bonding.py index c2081b8c3..a16c4e105 100755 --- a/src/conf_mode/interfaces-bonding.py +++ b/src/conf_mode/interfaces-bonding.py @@ -128,16 +128,15 @@ def get_config(): bond['mode'] = get_bond_mode(act_mode) # determine bond member interfaces (currently configured) - if conf.exists('member interface'): - bond['member'] = conf.return_values('member interface') - - # We can not call conf.return_effective_values() as it would not work - # on reboots. Reboots/First boot will return that running config and - # saved config is the same, thus on a reboot the bond members will - # not be added all (https://phabricator.vyos.net/T2030) - live_members = BondIf(bond['intf']).get_slaves() - if not (bond['member'] == live_members): - bond['shutdown_required'] = True + bond['member'] = conf.return_values('member interface') + + # We can not call conf.return_effective_values() as it would not work + # on reboots. Reboots/First boot will return that running config and + # saved config is the same, thus on a reboot the bond members will + # not be added all (https://phabricator.vyos.net/T2030) + live_members = BondIf(bond['intf']).get_slaves() + if not (bond['member'] == live_members): + bond['shutdown_required'] = True # Primary device interface if conf.exists('primary'): diff --git a/src/op_mode/show_current_user.sh b/src/op_mode/show_current_user.sh new file mode 100755 index 000000000..93e6efa61 --- /dev/null +++ b/src/op_mode/show_current_user.sh 
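Review bot: In the interfaces-bonding.py hunk, `if not (bond['member'] == live_members)` compares the configured and live member collections directly; if both are lists, as `return_values()` and `get_slaves()` suggest, a difference in order alone sets `shutdown_required` and takes the bond down. Compare as sets instead: `if set(bond['member']) != set(live_members):`. With the `conf.exists('member interface')` guard removed, `BondIf(bond['intf']).get_slaves()` now also runs for a bond with no members configured, so it is worth confirming that constructing `BondIf` inside `get_config()` has no side effect on a bond that does not exist yet. `get_config()` starts and ends outside this hunk.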
@@ -0,0 +1,18 @@
+#! /bin/bash
+
+echo -n "login : " ; who -m
+
+if [ -n "$VYATTA_USER_LEVEL_DIR" ]
+then
+ echo -n "level : "
+ basename $VYATTA_USER_LEVEL_DIR
+fi
+
+echo -n "user : " ; id -un
+echo -n "groups : " ; id -Gn
+
+if id -Z >/dev/null 2>&1
+then
+ echo -n "context : "
+ id -Z
+fi |