summaryrefslogtreecommitdiff
path: root/templates/show/vpn/ipsec
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@baturin.org>2018-06-24 13:35:44 +0200
committerDaniil Baturin <daniil@baturin.org>2018-06-24 13:35:44 +0200
commitc2f8d1a44defeadefcda560ba8a3883e25e24831 (patch)
tree1eead2a9118b556932ca10e398d8d94f510b70ac /templates/show/vpn/ipsec
parenta88aa2e1a16e1ac1af1fa3b19cb2b88c7783af37 (diff)
parent9324923d31d389110e2ab882a035982e2b269417 (diff)
downloadvyatta-op-vpn-lithium.tar.gz
vyatta-op-vpn-lithium.zip
Merge branch 'current' into lithiumlithium
Conflicts: lib/OPMode.pm scripts/vyatta-show-ipsec-status.pl templates/show/vpn/ipsec/sa/node.def templates/show/vpn/ipsec/sa/peer/node.def templates/show/vpn/ipsec/status/node.def
Diffstat (limited to 'templates/show/vpn/ipsec')
-rw-r--r--templates/show/vpn/ipsec/sa/detail/node.def.in6
-rw-r--r--templates/show/vpn/ipsec/sa/node.def4
-rw-r--r--templates/show/vpn/ipsec/sa/peer/node.tag/detail/node.def.in3
-rw-r--r--templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in3
-rw-r--r--templates/show/vpn/ipsec/sa/stats/node.def.in3
-rw-r--r--templates/show/vpn/ipsec/sa/stats/node.tag/node.def.in3
-rw-r--r--templates/show/vpn/ipsec/sa/stats/node.tag/tunnel/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/stats/node.tag/tunnel/node.tag/node.def.in10
-rw-r--r--templates/show/vpn/ipsec/sa/verbose/node.def7
-rw-r--r--templates/show/vpn/ipsec/status/node.def.in6
10 files changed, 43 insertions, 3 deletions
diff --git a/templates/show/vpn/ipsec/sa/detail/node.def.in b/templates/show/vpn/ipsec/sa/detail/node.def.in
new file mode 100644
index 0000000..3362e9b
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/detail/node.def.in
@@ -0,0 +1,6 @@
+help: Show Detail on all active IPsec Security Associations (SA)
+run: if pgrep charon >&/dev/null; then
+ @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa
+ else
+ echo -e "IPSec Process NOT Running\n"
+ fi
diff --git a/templates/show/vpn/ipsec/sa/node.def b/templates/show/vpn/ipsec/sa/node.def
index be8f108..7f569bd 100644
--- a/templates/show/vpn/ipsec/sa/node.def
+++ b/templates/show/vpn/ipsec/sa/node.def
@@ -1,8 +1,6 @@
help: Show all active IPsec Security Associations (SA)
-
run: if pgrep charon >&/dev/null; then
- sudo /usr/sbin/swanctl --list-sas
+ sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa
else
echo -e "IPSec Process NOT Running\n"
fi
-
diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/detail/node.def.in b/templates/show/vpn/ipsec/sa/peer/node.tag/detail/node.def.in
new file mode 100644
index 0000000..e05a3c4
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/peer/node.tag/detail/node.def.in
@@ -0,0 +1,3 @@
+help: Show detail on all currently active IPSec Security Associations (SA) for a peer
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-peer-detail="$6"
diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in
new file mode 100644
index 0000000..4b23f44
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show all currently active IPSec Security Associations (SA) for a peer
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-peer="$6"
diff --git a/templates/show/vpn/ipsec/sa/stats/node.def.in b/templates/show/vpn/ipsec/sa/stats/node.def.in
new file mode 100644
index 0000000..d1d6ad0
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/stats/node.def.in
@@ -0,0 +1,3 @@
+help: Show statistics for alll currently active IPSec Security Associations (SA)
+run: @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats
+
diff --git a/templates/show/vpn/ipsec/sa/stats/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/stats/node.tag/node.def.in
new file mode 100644
index 0000000..9426469
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/stats/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show Statistics for SAs associated with a specific peer
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli
+#run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-peer="$6"
diff --git a/templates/show/vpn/ipsec/sa/stats/node.tag/tunnel/node.def b/templates/show/vpn/ipsec/sa/stats/node.tag/tunnel/node.def
new file mode 100644
index 0000000..0429324
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/stats/node.tag/tunnel/node.def
@@ -0,0 +1 @@
+help: Get Stats for a specific tunnel
diff --git a/templates/show/vpn/ipsec/sa/stats/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/stats/node.tag/tunnel/node.tag/node.def.in
new file mode 100644
index 0000000..92a8572
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/stats/node.tag/tunnel/node.tag/node.def.in
@@ -0,0 +1,10 @@
+help: Reset a specific tunnel for given peer
+
+allowed: @SUDOUSRDIR@/vyatta-vpn-op.pl \
+ --op=get-tunnels-for-peer \
+ --peer="${COMP_WORDS[COMP_CWORD-2]}"
+
+run: @SUDOUSRDIR@/vyatta-op-vpn.pl \
+ --op=show-ipsec-sa-stats-conn \
+ --peer="$6" \
+ --tunnel="$8"
diff --git a/templates/show/vpn/ipsec/sa/verbose/node.def b/templates/show/vpn/ipsec/sa/verbose/node.def
new file mode 100644
index 0000000..fac77a3
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/verbose/node.def
@@ -0,0 +1,7 @@
+help: Show Verbose Detail on all active IPsec Security Associations (SA)
+run: if pgrep charon >&/dev/null; then
+ /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-detail
+ else
+ echo -e "IPSec Process NOT Running\n"
+ fi
+
diff --git a/templates/show/vpn/ipsec/status/node.def.in b/templates/show/vpn/ipsec/status/node.def.in
new file mode 100644
index 0000000..838a133
--- /dev/null
+++ b/templates/show/vpn/ipsec/status/node.def.in
@@ -0,0 +1,6 @@
+help: Show status of IPsec process
+run: if pgrep charon >&/dev/null; then
+ @SUDOUSRDIR@/vyatta-show-ipsec-status.pl
+ else
+ echo -e "IPSec Process NOT Running\n"
+ fi
generated by cgit v1.2.3 (git 2.39.1) at 2025-09-08 17:28:59 +0000