summaryrefslogtreecommitdiff
path: root/docs/appendix/commandtree/configmode.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/appendix/commandtree/configmode.rst')
-rw-r--r--docs/appendix/commandtree/configmode.rst542
1 files changed, 0 insertions, 542 deletions
diff --git a/docs/appendix/commandtree/configmode.rst b/docs/appendix/commandtree/configmode.rst
deleted file mode 100644
index 049863b6..00000000
--- a/docs/appendix/commandtree/configmode.rst
+++ /dev/null
@@ -1,542 +0,0 @@
-.. _commandtree_configmode:
-
-Configuration mode
-------------------
-
-.. code-block:: none
-
- confirm Confirm prior commit-confirm
- comment Add comment to this configuration element
- commit Commit the current set of changes
- commit-confirm Commit the current set of changes with 'confirm' required
- compare Compare configuration revisions
- copy Copy a configuration element
- delete Delete a configuration element
- discard Discard uncommitted changes
- edit Edit a sub-element
- exit Exit from this configuration level
- load Load configuration from a file and replace running configuration
- loadkey Load user SSH key from a file
- merge Load configuration from a file and merge running configuration
- rename Rename a configuration element
- rollback Rollback to a prior config revision (requires reboot)
- run Run an operational-mode command
- save Save configuration to a file
- set Set the value of a parameter or create a new element
- show Show the configuration (default values may be suppressed)
-
-
-Confirm
-^^^^^^^
-
-The ``confirm`` command confirms the prior ``commit-confirm``.
-
-Comment
-^^^^^^^
-
-The ``comment`` commands allow you to insert a comment above the current configuration section.
-The command cannot be used at the top of the configuration hierarchy, only on subsections. Comments needs to be commited, just like other config changes.
-
-To add a comment to a section, while being already at the proper section level:
-
-.. code-block:: none
-
- [edit <section>]
- vyos@vyos# comment "Type Comment Here"
-
-To add a comment directly to a section, from the top or a higher section:
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# comment <section> "Type Comment Here"
-
-To remove a comment, add a blank comment to overwrite:
-
-.. code-block:: none
-
- [edit <section>]
- vyos@vyos# comment ""
-
-Examples
-********
-
-To add a comment to the "interfaces" section:
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# edit interfaces
- [edit interfaces]
- vyos@vyos# comment "Here is a comment"
- [edit interfaces]
- vyos@vyos# commit
-
-The comment would then appear like this:
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# show
- /* Here is a comment */
- interfaces {
- ethernet eth0 {
- [...]
-
-
-An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the ``show interfaces`` command would return starting after the "interfaces {" line, hiding the comment:
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# show interfaces
- ethernet eth0 {
- [...]
-
-
-To add a comment to the interfaces section from the top:
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# comment interfaces "test"
-
-
-The comment can be added to any node that already exists, even if it's multiple levels lower:
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# comment interfaces ethernet eth0 vif 222 address "Far down comment"
-
-
-Commit
-^^^^^^
-
-The ``commit`` command commits the proposed changes to the configuration file.
-Every changes done in the configuration session is only applied when the configuration is committed. To view the changes that will be applied, use the show command.
-To discard the changes without committing, use the ``discard`` command. The ``commit`` command doesn't save the configuration, you need to manually use the ``save`` command.
-
-The confirm keyword can be added, see ``commit-confirm``. A comment can be entered, it will appear in the commit log.
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# commit
- Possible completions:
- <Enter> Commit working configuration
- comment Comment for commit log
-
-Commit-confirm
-^^^^^^^^^^^^^^
-
-The ``commit-confirm`` command commits the proposed changes to the configuration file and starts a timer.
-If the ``confirm`` command is not entered before the timer expiration, the configuration will be rolled back and VyOS will reboot.
-The default timer value is 10 minutes, but a custom value can be entered.
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# commit-confirm
- Possible completions:
- <Enter> Commit, rollback/reboot in 10 minutes if no confirm
- <N> Commit, rollback/reboot in N minutes if no confirm
- comment Comment for commit log
-
-
-Compare
-^^^^^^^
-
-VyOS maintains backups of previous configurations. To compare configuration revisions in configuration mode, use the compare command:
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# compare
- Possible completions:
- <Enter> Compare working & active configurations
- saved Compare working & saved configurations
- <N> Compare working with revision N
- <N> <M> Compare revision N with M
-
- Revisions:
- 0 2019-03-20 20:57:22 root by boot-config-loader
- 1 2019-03-15 20:00:04 root by boot-config-loader
- 2 2019-03-05 01:58:39 vyos by cli
- 3 2019-03-05 01:54:59 vyos by cli
- 4 2019-03-05 01:53:08 vyos by cli
- 5 2019-03-05 01:52:21 vyos by cli
- 6 2019-02-24 21:01:24 root by boot-config-loader
- 7 2019-02-21 22:00:12 vyos by cli
- 8 2019-02-21 21:56:49 vyos by cli
-
-
-Copy
-^^^^
-
-The ``copy`` command allows you to copy a configuration object.
-
-Copy the configuration entrys from a firewall name WAN rule 1 to rule 2.
-
-.. code-block:: none
-
- [edit firewall name WAN]
- vyos@vyos# show
- rule 1 {
- action accept
- source {
- address 10.1.0.0/24
- }
- }
- [edit firewall name WAN]
- vyos@vyos# copy rule 1 to rule 2
- [edit firewall name WAN]
- vyos@vyos# show
- rule 1 {
- action accept
- source {
- address 10.1.0.0/24
- }
- }
- +rule 2 {
- + action accept
- + source {
- + address 10.1.0.0/24
- + }
- +}
-
-Delete
-^^^^^^
-
-The ``delte`` command is to delete a configuration entry.
-
-This Example delete the hole ``service tftp-server`` section.
-
-.. code-block:: none
-
- delete service tftp-server
-
-Discard
-^^^^^^^
-
-The ``discard`` command removes all pending configuration changes.
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# discard
-
- Changes have been discarded
-
-Edit
-^^^^
-
-The ``edit`` command allows you to navigate down into the configuration tree.
-
-To avoid writing or pasting long paths,
-you can set the edit level to any node with the "edit" command,
-such as "edit firewall name Foo".
-Once you are at some level, you can use relative node paths,
-such as "set rule 10 action accept" in this case.
-
-To get back to an upper level, use the ``up`` command or use the ``top`` command to get back to the upper most level.
-The ``[edit]`` text displays where the user is located in the configuration tree.
-
-.. code-block:: none
-
- vyos@vyos# edit firewall name Foo
-
- [edit firewall name Foo]
-
- vyos@vyos# set rule 10 protocol tcp
-
- [edit firewall name Foo]
-
- vyos@vyos# edit rule 10
-
- [edit firewall name Foo rule 10]
-
- vyos@vyos# set destination port 22
-
- [edit firewall name Foo rule 10]
-
- vyos@vyos# up
-
- [edit firewall name Foo]
-
- vyos@vyos# set rule 10 description "Allow SSH"
-
- [edit firewall name Foo]
-
- vyos@vyos# top
-
- [edit]
-
-Exit
-^^^^
-
-The ``exit`` command exits the current configuration mode. If the current configuration level isn't the top-most, then the configuration level is put back to the top-most level.
-If the configuration level is at the top-most level, then it exits the configuration mode and returns to operational mode.
-The ``exit`` command cannot be used if uncommitted changes exists in the configuration file. To exit with uncommitted changes, you either need to use the ``exit discard`` command or you need to commit the changes before exiting.
-The ``exit`` command doesn't save the configuration, only the ``save`` command does. A warning will be given when exiting with unsaved changes. Using the ``exit`` command in operational mode will logout the session.
-
-
-Exiting from a configuration level:
-
-
-.. code-block:: none
-
- [edit interfaces ethernet eth0]
- vyos@vyos# exit
-
-Exiting from configuration mode:
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# exit
- exit
- vyos@vyos:~$
-
-Exiting from operational mode:
-
-.. code-block:: none
-
- vyos@vyos:~$ exit
- logout
-
-Error message when trying to exit with uncommitted changes:
-
-.. code-block:: none
-
- vyos@vyos# exit
- Cannot exit: configuration modified.
- Use 'exit discard' to discard the changes and exit.
-
-
-Warning message when exiting with unsaved changes:
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# exit
- Warning: configuration changes have not been saved.
-
-Load
-^^^^
-
-The ``load`` command load a configuration from a local or remote file. You have to be use ``commit`` to make the change active
-
-.. code-block:: none
-
- <Enter> Load from system config file
- <file> Load from file on local machine
- scp://<user>:<passwd>@<host>/<file> Load from file on remote machine
- sftp://<user>:<passwd>@<host>/<file> Load from file on remote machine
- ftp://<user>:<passwd>@<host>/<file> Load from file on remote machine
- http://<host>/<file> Load from file on remote machine
- https://<host>/<file> Load from file on remote machine
- tftp://<host>/<file> Load from file on remote machine
-
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# load
- Loading configuration from '/config/config.boot'...
-
- Load complete. Use 'commit' to make changes active.
-
-
-Loadkey
-^^^^^^^^
-
-Copies the content of a public key to the ~/.ssh/authorized_keys file.
-
-.. code-block:: none
-
- loadkey <username> [tab]
-
- <file> Load from file on local machine
- scp://<user>@<host>/<file> Load from file on remote machine
- sftp://<user>@<host>/<file> Load from file on remote machine
- ftp://<user>@<host>/<file> Load from file on remote machine
- http://<host>/<file> Load from file on remote machine
- tftp://<host>/<file> Load from file on remote machine
-
-Merge
-^^^^^
-
-The ``merge`` command merge the config from a local or remote file with the running config.
-
-In the example below exist a ``default-firewall.config`` file with some common firewall rules you saved earlier.
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# show firewall
- Configuration under specified path is empty
- [edit]
- vyos@vyos# merge default-firewall.config
- Loading configuration from '/config/default-firewall.config'...
-
- Merge complete. Use 'commit' to make changes active.
-
- vyos@vyos# show firewall
- +all-ping enable
- +broadcast-ping disable
- +config-trap disable
- +ipv6-receive-redirects disable
- +ipv6-src-route disable
- +ip-src-route disable
- +log-martians enable
- +name WAN {
- + default-action drop
- + rule 1 {
- + action accept
- + source {
- + address 10.1.0.0/24
- + }
- + }
- + rule 2 {
- + action accept
- + source {
- + address 10.1.0.0/24
- + }
- ......
-
-
-Rename
-^^^^^^
-
-The ``rename`` command allows you to rename or move a configuration object.
-
-See here how to move the configuration entrys from vlanid 3 to 2
-
-.. code-block:: none
-
- [edit interfaces ethernet eth1]
- vyos@vyos# show
- duplex auto
- hw-id 00:53:22:81:c6:59
- smp-affinity auto
- speed auto
- vif 3 {
- address 10.4.4.4/32
- }
- [edit interfaces ethernet eth1]
- vyos@vyos# rename vif 3 to vif 2
- [edit interfaces ethernet eth1]
- vyos@vyos# show
- duplex auto
- hw-id 00:53:22:81:c6:59
- smp-affinity auto
- speed auto
- +vif 2 {
- + address 10.4.4.4/32
- +}
- -vif 3 {
- - address 10.4.4.4/32
- -}
- [edit interfaces ethernet eth1]
-
-
-Rollback
-^^^^^^^^
-
-You can ``rollback`` configuration using the rollback command, however this command will currently trigger a system reboot.
-Use the compare command to verify the configuration you want to rollback to.
-
-.. code-block:: none
-
- vyos@vyos# compare 1
- [edit system]
- >host-name vyos-1
- [edit]
- vyos@vyos# rollback 1
- Proceed with reboot? [confirm][y]
-
- Broadcast message from root@vyos-1 (pts/0) (Tue Dec 17 21:07:45 2018):
-
- The system is going down for reboot NOW!
-
-Run
-^^^
-
-The ``run`` command allows you to execute any operational mode commands without exiting the configuration session.
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# run show interfaces
- Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
- Interface IP Address S/L Description
- --------- ---------- --- -----------
- eth0 10.1.1.1/24 u/u
-
-
-Save
-^^^^
-
-The ``save`` command saves the current configuration to non-volatile storage. VyOS also supports saving and loading configuration remotely using SCP, FTP, or TFTP.
-
-.. code-block:: none
-
- <Enter> Save to system config file
- <file> Save to file on local machine
- scp://<user>:<passwd>@<host>/<file> Save to file on remote machine
- sftp://<user>:<passwd>@<host>/<file> Save to file on remote machine
- ftp://<user>:<passwd>@<host>/<file> Save to file on remote machine
- tftp://<host>/<file> Save to file on remote machine
-
-Set
-^^^
-
-The ``set`` command create all configuration entrys
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# set protocols static route 0.0.0.0/0 next-hop 192.168.1.1
-
-Show
-^^^^
-
-The ``show`` command in the configuration mode displays the configuration and show uncommitted changes.
-
-Show the hole config, the address and description of eth1 is moving to vlan 2 if you commit the changes.
-
-.. code-block:: none
-
- [edit]
- vyos@vyos# show
- interfaces {
- dummy dum0 {
- address 10.3.3.3/24
- }
- ethernet eth0 {
- address dhcp
- duplex auto
- hw-id 00:53:22:2b:c0:0b
- smp-affinity auto
- speed auto
- }
- ethernet eth1 {
- - address 10.1.1.1/32
- - description "MGMT Interface"
- duplex auto
- hw-id 00:53:22:81:c6:59
- smp-affinity auto
- speed auto
- + vif 2 {
- + address 10.1.1.1/32
- + description "MGMT Interface"
- + }
- }
- loopback lo {
- }
- }
- service {
- ssh {
- port 22
- ......
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-04 15:15:37 +0000