Allow debugging of specific peers and tunnels

author: John Southworth <john.southworth@vyatta.com> 2011-02-04 17:43:57 -0600
committer: John Southworth <john.southworth@vyatta.com> 2011-02-04 17:43:57 -0600
commit: ac1d6ee9b59e7331b23e03235454758c61235f5f (patch)
tree: e792a1f4d72e182e9299eb72e3b453fa593a49e1 /templates/show/vpn
parent: bff0ab020595263e24aa34c93469adba86d875d2 (diff)
download: vyatta-op-vpn-ac1d6ee9b59e7331b23e03235454758c61235f5f.tar.gz
vyatta-op-vpn-ac1d6ee9b59e7331b23e03235454758c61235f5f.zip
4 files changed, 31 insertions, 0 deletions
diff --git a/templates/show/vpn/debug/peer/node.def b/templates/show/vpn/debug/peer/node.def
new file mode 100644
index 0000000..deb1033
--- /dev/null
+++ b/templates/show/vpn/debug/peer/node.def
@@ -0,0 +1 @@
+help: Show debugging information for a peer
diff --git a/templates/show/vpn/debug/peer/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/node.def
new file mode 100644
index 0000000..a27063a
--- /dev/null
+++ b/templates/show/vpn/debug/peer/node.tag/node.def
@@ -0,0 +1,14 @@
+help: Show debugging information for a peer
+allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli
+run: if [ -n "$(cli-shell-api returnActiveValues \
+                  vpn ipsec ipsec-interfaces interface)" ]; then
+       if pgrep pluto > /dev/null
+       then
+        /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep peer-$5
+       else
+         echo IPsec process not running
+       fi
+     else
+        echo VPN ipsec not configured
+     fi
+
diff --git a/templates/show/vpn/debug/peer/node.tag/tunnel/node.def b/templates/show/vpn/debug/peer/node.tag/tunnel/node.def
new file mode 100644
index 0000000..3b2f196
--- /dev/null
+++ b/templates/show/vpn/debug/peer/node.tag/tunnel/node.def
@@ -0,0 +1,2 @@
+help: Show debugging information for a peer's tunnel
+
diff --git a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def
new file mode 100644
index 0000000..c141ac0
--- /dev/null
+++ b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def
@@ -0,0 +1,14 @@
+help: Show debugging information for a peer's tunnel
+allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[4]}
+run: if [ -n "$(cli-shell-api returnActiveValues \
+                  vpn ipsec ipsec-interfaces interface)" ]; then
+       if pgrep pluto > /dev/null
+       then
+        /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep "peer-$5-tunnel-$7"
+       else
+         echo IPsec process not running
+       fi
+     else
+        echo VPN ipsec not configured
+     fi
+
author	John Southworth <john.southworth@vyatta.com>	2011-02-04 17:43:57 -0600
committer	John Southworth <john.southworth@vyatta.com>	2011-02-04 17:43:57 -0600
commit	ac1d6ee9b59e7331b23e03235454758c61235f5f (patch)
tree	e792a1f4d72e182e9299eb72e3b453fa593a49e1 /templates/show/vpn
parent	bff0ab020595263e24aa34c93469adba86d875d2 (diff)
download	vyatta-op-vpn-ac1d6ee9b59e7331b23e03235454758c61235f5f.tar.gz vyatta-op-vpn-ac1d6ee9b59e7331b23e03235454758c61235f5f.zip