| Age | Commit message (Collapse) | Author |
|---|
|
* firewall: T7370: Add conntrack log commands
Added the following commands:
show log conntrack
show log conntrack event new
show log conntrack event update
show log conntrack event destroy
* firewall: T7370: Add conntrack log commands
Added the following commands:
show log conntrack
show log conntrack event new
show log conntrack event update
show log conntrack event destroy
* firewall: T7370: Add conntrack log commands
Added the following commands:
show log conntrack
show log conntrack event new
show log conntrack event update
show log conntrack event destroy
* Fix capitalization
---------
Co-authored-by: l0crian1 <ryan.claridge13@gmail.com>
Co-authored-by: Daniil Baturin <daniil@baturin.org>
|
|
Global state policies were not matched when typing "show firewall"
|
|
Global state policies were not matched when typing "show firewall"
|
|
ids: T7241: remove Fastnetmon from the base system
|
|
It will eventually be moved to an addon
|
|
The service parses and logs network events for improved monitoring and diagnostics.
Supported event types include:
- `RTM_NEWROUTE`, `RTM_DELROUTE`
- `RTM_NEWLINK`, `RTM_DELLINK`
- `RTM_NEWADDR`, `RTM_DELADDR`
- `RTM_NEWNEIGH`, `RTM_DELNEIGH`, `RTM_GETNEIGH`
- `RTM_NEWRULE`, `RTM_DELRULE`
Added operational mode commands for filtered log retrieval:
- `show log network-event <event-type> <interface>`: Retrieve logs filtered by event type and interface.
- `show interfaces <type> <name> event-log <event-type>`: Display interface-specific logs filtered by event type.
|
|
* op-mode: T6983: add "show log" and "monitor log" commands for vyos-domain-resolver
* firewall: T6983: drop unused variable domain_resolver_usage_nat
* T6983: introduce Python logging module in vyos-domain-resolver
* T6983: treat vyos-domain-resolver as a real service
|
|
|
|
This is pretty usefull to monitor what's going on under the hood
Dec 08 15:27:34 vyos-configd[4324]: Received message: {"type": "init"}
Dec 08 15:27:34 vyos-configd[4324]: config session pid is 4400
Dec 08 15:27:34 vyos-configd[4324]: config session sudo_user is cpo
Dec 08 15:27:34 vyos-configd[4324]: commit_scripts: ['protocols_babel', 'protocols_bfd', 'protocols_bgp']
Dec 08 15:27:34 vyos-configd[4324]: Received message: {"type": "node", "last": false, "data": "/usr/libexec/vyos/conf_mode/protocols_babel.py"}
Dec 08 15:27:34 vyos-configd[4324]: Sending reply: error_code 1 with output
Dec 08 15:27:34 vyos-configd[4324]: Received message: {"type": "node", "last": false, "data": "/usr/libexec/vyos/conf_mode/protocols_bgp.py"}
Dec 08 15:27:34 vyos-configd[4324]: Sending reply: error_code 1 with output
Dec 08 15:27:34 vyos-configd[4324]: Received message: {"type": "node", "last": true, "data": "/usr/libexec/vyos/conf_mode/protocols_bfd.py"}
Dec 08 15:27:34 vyos-configd[4324]: Sending reply: error_code 1 with output
Dec 08 15:27:34 vyos-configd[4324]: scripts_called: ['protocols_babel', 'protocols_bgp', 'protocols_bfd']
Dec 08 15:27:34 vyos-configd[4324]: FRR: Reloading configuration - tries: 1 Python class ID: 139842739583248
Debugging the new FRRender/vyos-config integration
|
|
firewall ..> in order to match all chains/priorities
|
|
OpenFabric is a routing protocol providing link-state routing with efficient flooding for topologies like spine-leaf networks.
FRR implements OpenFabric in a daemon called fabricd
|
|
* monitor log wireless hostapd [interface <name>]
* monitor log wireless wpa-supplicant [interface <name>]
* show log wireless hostapd [interface <name>]
* show log wireless wpa-supplicant [interface <name>]
|
|
Fixed broken logging for "show log nat"
Added the following commands:
show log nat source
show log nat source rule <ruleNum>
show log nat destination nat
show log nat destination nat rule <ruleNum>
show log nat static
show log nat static rule <ruleNum>
|
|
|
|
|
|
|
|
* show log certbot
* monitor log certbot
* renew certbot
|
|
VyOS CLI command
set service ndp-proxy interface eth0 prefix 2001:db8::/64 mode 'static'
Will generate the following NDP proxy configuration
$ cat /run/ndppd/ndppd.conf
# autogenerated by service_ndp-proxy.py
# This tells 'ndppd' how often to reload the route file /proc/net/ipv6_route
route-ttl 30000
# This sets up a listener, that will listen for any Neighbor Solicitation
# messages, and respond to them according to a set of rules
proxy eth0 {
# Turn on or off the router flag for Neighbor Advertisements
router no
# Control how long to wait for a Neighbor Advertisment message before invalidating the entry (milliseconds)
timeout 500
# Control how long a valid or invalid entry remains in the cache (milliseconds)
ttl 30000
# This is a rule that the target address is to match against. If no netmask
# is provided, /128 is assumed. You may have several rule sections, and the
# addresses may or may not overlap.
rule 2001:db8::/64 {
static
}
}
|
|
|
|
|
|
This makes the code more easy to maintain in the future if everyone uses the
same structure when calling journalctl.
|
|
dynamic-protection
|
|
structure; extend command options so it can be used on every layer ; use journalctl to get the logs
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The script completion helper will only show SSTP client interfaces already
created and beeing active in the Kernel. The path completion helper shows the
real CLI deal.
|
|
The script completion helper will only show MACsec interfaces already created
and beeing active in the Kernel. The path completion helper shows the real
CLI deal.
|
|
Some ISPs seem to use the host-uniq flag to authenticate client equipment.
Add CLI option in VyOS to allow specification of the host-uniq flag.
set interfaces pppoe pppoeN host-uniq <value>
|
|
|
|
* Move CLI from "system ntp" -> "service ntp"
* Drop NTP server option preempt as not supported by chrony
|
|
|
|
This reverts commit 6857447bf6acba3537d5e5372cd320aef078b81e.
|
|
|
|
- show log router-advert
- monitor log router-advert
|
|
vyos@vyos# show interfaces sstpc
sstpc sstpc10 {
authentication {
password vyos
user vyos
}
server sstp.vyos.net
ssl {
ca-certificate VyOS-CA
}
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
