Merge pull request #17 from LLC-Technologies-Collier/address-debconf-warnings

vyatta-op-vpn (0.15.0+vyos2+current2+nmu1) UNRELEASED; urgency=low
author: Kim <UnicronNL@users.noreply.github.com> 2016-05-11 09:03:14 +0200
committer: Kim <UnicronNL@users.noreply.github.com> 2016-05-11 09:03:14 +0200
commit: 12f6e2a466fbed1d1385c0c5a91f89590e6e42bd (patch)
tree: 7f2a637e23da8aa98f4849898779ab02e16cccd6 /templates
parent: 62f949c33b285f9f5821ca9cc1dce2ab7a84aaf3 (diff)
parent: b39936ffc4cf89da8fc442eb3ac8bdc7a130b877 (diff)
download: vyatta-op-vpn-12f6e2a466fbed1d1385c0c5a91f89590e6e42bd.tar.gz
vyatta-op-vpn-12f6e2a466fbed1d1385c0c5a91f89590e6e42bd.zip
46 files changed, 89 insertions, 50 deletions
diff --git a/templates/generate/vpn/rsa-key/bits/node.tag/node.def b/templates/generate/vpn/rsa-key/bits/node.tag/node.def.in
index fa2fed2..2eae9cc 100644
--- a/templates/generate/vpn/rsa-key/bits/node.tag/node.def
+++ b/templates/generate/vpn/rsa-key/bits/node.tag/node.def.in
@@ -1,3 +1,3 @@
 help: Generate local RSA key with specified number of bits
-run: sudo /opt/vyatta/bin/sudo-users/gen_local_rsa_key.pl "$5" /dev/random
+run: sudo @SUDOUSRDIR@/gen_local_rsa_key.pl "$5" /dev/random
 allowed: echo -n '<16-4096>'
diff --git a/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def b/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def.in
index eb11433..81a9633 100644
--- a/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def
+++ b/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def.in
@@ -1,3 +1,3 @@
 help: Generate local RSA key with specified number of bits and random device
-run: sudo /opt/vyatta/bin/sudo-users/gen_local_rsa_key.pl "$5" "$7"
+run: sudo @SUDOUSRDIR@/gen_local_rsa_key.pl "$5" "$7"
 allowed: echo -n '/dev/random /dev/urandom'
diff --git a/templates/generate/vpn/rsa-key/node.def b/templates/generate/vpn/rsa-key/node.def
deleted file mode 100644
index 60296f2..0000000
--- a/templates/generate/vpn/rsa-key/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: Generate local RSA key (default: bits=2192 device=/dev/random)
-run: sudo /opt/vyatta/bin/sudo-users/gen_local_rsa_key.pl 2192 /dev/random
diff --git a/templates/generate/vpn/rsa-key/node.def.in b/templates/generate/vpn/rsa-key/node.def.in
new file mode 100644
index 0000000..482f32c
--- /dev/null
+++ b/templates/generate/vpn/rsa-key/node.def.in
@@ -0,0 +1,2 @@
+help: Generate local RSA key (default: bits=2192 device=/dev/random)
+run: sudo @SUDOUSRDIR@/gen_local_rsa_key.pl 2192 /dev/random
diff --git a/templates/generate/vpn/x509/key-pair/node.tag/node.def b/templates/generate/vpn/x509/key-pair/node.tag/node.def.in
index dc21935..2c87956 100644
--- a/templates/generate/vpn/x509/key-pair/node.tag/node.def
+++ b/templates/generate/vpn/x509/key-pair/node.tag/node.def.in
@@ -1,4 +1,4 @@
 help: Generate x509 key-pair
 run:
-  sudo /opt/vyatta/sbin/vyatta-gen-x509-keypair $5
+  sudo @SBINDIR@/vyatta-gen-x509-keypair $5
 allowed: echo -n '<common-name>'
diff --git a/templates/reset/vpn/ipsec-peer/node.tag/node.def b/templates/reset/vpn/ipsec-peer/node.tag/node.def
deleted file mode 100644
index fa55d52..0000000
--- a/templates/reset/vpn/ipsec-peer/node.tag/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-help: Reset all tunnels for given peer
-
-allowed: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=get-all-peers
-
-run:  /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \
-      --op=clear-tunnels-for-peer --peer="$4"
diff --git a/templates/reset/vpn/ipsec-peer/node.tag/node.def.in b/templates/reset/vpn/ipsec-peer/node.tag/node.def.in
new file mode 100644
index 0000000..621c40a
--- /dev/null
+++ b/templates/reset/vpn/ipsec-peer/node.tag/node.def.in
@@ -0,0 +1,6 @@
+help: Reset all tunnels for given peer
+
+allowed: @SUDOUSRDIR@/vyatta-vpn-op.pl --op=get-all-peers
+
+run:  @SUDOUSRDIR@/vyatta-vpn-op.pl \
+      --op=clear-tunnels-for-peer --peer="$4"
diff --git a/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def b/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def.in
index eecb740..4407515 100644
--- a/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def
+++ b/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def.in
@@ -1,10 +1,10 @@
 help: Reset a specific tunnel for given peer
 
-allowed: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \
+allowed: @SUDOUSRDIR@/vyatta-vpn-op.pl \
         --op=get-tunnels-for-peer \
         --peer="${COMP_WORDS[COMP_CWORD-2]}"
 
-run: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \
+run: @SUDOUSRDIR@/vyatta-vpn-op.pl \
         --op=clear-specific-tunnel-for-peer \
         --peer="$4" \
         --tunnel="$6"
diff --git a/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def b/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def.in
index f0f39a8..2e8e9be 100644
--- a/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def
+++ b/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def.in
@@ -1,5 +1,5 @@
 help: Reset a vti tunnel for given peer
 
-run: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \
+run: @SUDOUSRDIR@/vyatta-vpn-op.pl \
         --op=clear-vtis-for-peer \
         --peer="$4"
diff --git a/templates/reset/vpn/ipsec-profile/node.tag/node.def b/templates/reset/vpn/ipsec-profile/node.tag/node.def
deleted file mode 100644
index 639fac3..0000000
--- a/templates/reset/vpn/ipsec-profile/node.tag/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-help: Reset all tunnels for given profile
-
-allowed: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl --op=get-all-profiles
-
-run:  /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl \
-      --op=clear-tunnels-for-profile --profile="$4"
diff --git a/templates/reset/vpn/ipsec-profile/node.tag/node.def.in b/templates/reset/vpn/ipsec-profile/node.tag/node.def.in
new file mode 100644
index 0000000..ea90853
--- /dev/null
+++ b/templates/reset/vpn/ipsec-profile/node.tag/node.def.in
@@ -0,0 +1,6 @@
+help: Reset all tunnels for given profile
+
+allowed: @SUDOUSRDIR@/vyatta-dmvpn-op.pl --op=get-all-profiles
+
+run:  @SUDOUSRDIR@/vyatta-dmvpn-op.pl \
+      --op=clear-tunnels-for-profile --profile="$4"
diff --git a/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def b/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def.in
index 08e299f..f5eda6c 100644
--- a/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def
+++ b/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def.in
@@ -1,10 +1,10 @@
 help: Reset a specific tunnel for given profile
 
-allowed: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl \
+allowed: @SUDOUSRDIR@/vyatta-dmvpn-op.pl \
         --op=get-tunnels-for-profile \
         --profile="${COMP_WORDS[COMP_CWORD-2]}"
 
-run: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl \
+run: @SUDOUSRDIR@/vyatta-dmvpn-op.pl \
         --op=clear-specific-tunnel-for-profile \
         --profile="$4" \
         --tunnel="$6"
diff --git a/templates/restart/vpn/node.def b/templates/restart/vpn/node.def.in
index 6d0f50c..4366d19 100644
--- a/templates/restart/vpn/node.def
+++ b/templates/restart/vpn/node.def.in
@@ -3,7 +3,7 @@ run: if [ -n "$(cli-shell-api returnActiveValues \
                   vpn ipsec ipsec-interfaces interface)" ]; then
        if pgrep charon > /dev/null
        then
-        /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=clear-vpn-ipsec-process
+        @SUDOUSRDIR@/vyatta-vpn-op.pl --op=clear-vpn-ipsec-process
        else
          echo IPsec process not running
        fi
diff --git a/templates/show/vpn/debug/detail/node.def b/templates/show/vpn/debug/detail/node.def.in
index 0f88f1e..8eb4e70 100644
--- a/templates/show/vpn/debug/detail/node.def
+++ b/templates/show/vpn/debug/detail/node.def.in
@@ -3,7 +3,7 @@ run: if [ -n "$(cli-shell-api returnActiveValues \
                   vpn ipsec ipsec-interfaces interface)" ]; then
        if pgrep charon > /dev/null
        then
-        /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug-detail
+        @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug-detail
        else
          echo IPsec process not running
        fi
diff --git a/templates/show/vpn/debug/node.def b/templates/show/vpn/debug/node.def.in
index 281228a..6fb98de 100644
--- a/templates/show/vpn/debug/node.def
+++ b/templates/show/vpn/debug/node.def.in
@@ -3,7 +3,7 @@ run: if [ -n "$(cli-shell-api returnActiveValues \
                   vpn ipsec ipsec-interfaces interface)" ]; then
        if pgrep charon > /dev/null
        then
-        /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug
+        @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug
        else
          echo IPsec process not running
        fi
diff --git a/templates/show/vpn/debug/peer/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/node.def.in
index a3a9573..bd60ed5 100644
--- a/templates/show/vpn/debug/peer/node.tag/node.def
+++ b/templates/show/vpn/debug/peer/node.tag/node.def.in
@@ -1,10 +1,10 @@
 help: Show debugging information for a peer
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli
 run: if [ -n "$(cli-shell-api returnActiveValues \
                   vpn ipsec ipsec-interfaces interface)" ]; then
        if pgrep charon > /dev/null
        then
-        /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep peer-$5
+        @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug | grep peer-$5
        else
          echo IPsec process not running
        fi
diff --git a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def.in
index 3c96973..ca422e3 100644
--- a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def
+++ b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def.in
@@ -1,10 +1,10 @@
 help: Show debugging information for a peer's tunnel
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[4]}
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[4]}
 run: if [ -n "$(cli-shell-api returnActiveValues \
                   vpn ipsec ipsec-interfaces interface)" ]; then
        if pgrep charon > /dev/null
        then
-        /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep "peer-$5-tunnel-$7"
+        @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug | grep "peer-$5-tunnel-$7"
        else
          echo IPsec process not running
        fi
diff --git a/templates/show/vpn/ike/rsa-keys/node.def b/templates/show/vpn/ike/rsa-keys/node.def
deleted file mode 100644
index 6d3baa5..0000000
--- a/templates/show/vpn/ike/rsa-keys/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: Show VPN RSA keys
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-show-vpn.pl rsa-keys
diff --git a/templates/show/vpn/ike/rsa-keys/node.def.in b/templates/show/vpn/ike/rsa-keys/node.def.in
new file mode 100644
index 0000000..255ca18
--- /dev/null
+++ b/templates/show/vpn/ike/rsa-keys/node.def.in
@@ -0,0 +1,2 @@
+help: Show VPN RSA keys
+run: sudo @SUDOUSRDIR@/vyatta-show-vpn.pl rsa-keys
diff --git a/templates/show/vpn/ike/sa/nat-traversal/node.def b/templates/show/vpn/ike/sa/nat-traversal/node.def.in
index 3855c49..6c62b12 100644
--- a/templates/show/vpn/ike/sa/nat-traversal/node.def
+++ b/templates/show/vpn/ike/sa/nat-traversal/node.def.in
@@ -1,2 +1,2 @@
 help: Show all currently active IKE Security Associations (SA) that are using NAT Traversal
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-sa-natt
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-sa-natt
diff --git a/templates/show/vpn/ike/sa/node.def b/templates/show/vpn/ike/sa/node.def
deleted file mode 100644
index 051d657..0000000
--- a/templates/show/vpn/ike/sa/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: Show all currently active IKE Security Associations (SA)
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-sa
diff --git a/templates/show/vpn/ike/sa/node.def.in b/templates/show/vpn/ike/sa/node.def.in
new file mode 100644
index 0000000..e372ff7
--- /dev/null
+++ b/templates/show/vpn/ike/sa/node.def.in
@@ -0,0 +1,2 @@
+help: Show all currently active IKE Security Associations (SA)
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-sa
diff --git a/templates/show/vpn/ike/sa/peer/node.tag/node.def b/templates/show/vpn/ike/sa/peer/node.tag/node.def
deleted file mode 100644
index c76b71b..0000000
--- a/templates/show/vpn/ike/sa/peer/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show all currently active IKE Security Associations (SA) for a peer
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-sa-peer="$6"
diff --git a/templates/show/vpn/ike/sa/peer/node.tag/node.def.in b/templates/show/vpn/ike/sa/peer/node.tag/node.def.in
new file mode 100644
index 0000000..a9782ad
--- /dev/null
+++ b/templates/show/vpn/ike/sa/peer/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show all currently active IKE Security Associations (SA) for a peer
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-sa-peer="$6"
diff --git a/templates/show/vpn/ike/secrets/node.def b/templates/show/vpn/ike/secrets/node.def
deleted file mode 100644
index ec4073c..0000000
--- a/templates/show/vpn/ike/secrets/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: Show all the pre-shared key secrets
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-secrets
diff --git a/templates/show/vpn/ike/secrets/node.def.in b/templates/show/vpn/ike/secrets/node.def.in
new file mode 100644
index 0000000..3d1a32d
--- /dev/null
+++ b/templates/show/vpn/ike/secrets/node.def.in
@@ -0,0 +1,2 @@
+help: Show all the pre-shared key secrets
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-secrets
diff --git a/templates/show/vpn/ike/status/node.def b/templates/show/vpn/ike/status/node.def
deleted file mode 100644
index e74a741..0000000
--- a/templates/show/vpn/ike/status/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: Show summary of IKE process information
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-status
diff --git a/templates/show/vpn/ike/status/node.def.in b/templates/show/vpn/ike/status/node.def.in
new file mode 100644
index 0000000..7cc9b10
--- /dev/null
+++ b/templates/show/vpn/ike/status/node.def.in
@@ -0,0 +1,2 @@
+help: Show summary of IKE process information
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-status
diff --git a/templates/show/vpn/ipsec/sa/detail/node.def.in b/templates/show/vpn/ipsec/sa/detail/node.def.in
new file mode 100644
index 0000000..781d61b
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/detail/node.def.in
@@ -0,0 +1,3 @@
+help: Show details for all active IPsec Security Associations (SA)
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-detail
+     sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-detail
diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in
new file mode 100644
index 0000000..659acfa
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show details for all active IPsec Security Associations (SA) for a peer
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-peer-detail="$7"
diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in
new file mode 100644
index 0000000..5c121c3
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show details for the active IPsec Security Associations (SA) for a peer's tunnel
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]}
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-conn-detail $7 $9
diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in
new file mode 100644
index 0000000..bcbc520
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show details for all active IPsec Security Associations (SA) for a profile
+allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-profiles-for-cli
+run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-profile-detail="$7"
diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in
new file mode 100644
index 0000000..e31b008
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show details for the active IPsec Security Associations (SA) for a tunnel bound to profile
+allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]}
+run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-conn-detail $7 $9
diff --git a/templates/show/vpn/ipsec/sa/nat-traversal/node.def.in b/templates/show/vpn/ipsec/sa/nat-traversal/node.def.in
new file mode 100644
index 0000000..f3bbe87
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/nat-traversal/node.def.in
@@ -0,0 +1,2 @@
+help: Show all active IPsec Security Associations (SA) that are using NAT Traversal
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-natt
diff --git a/templates/show/vpn/ipsec/sa/node.def b/templates/show/vpn/ipsec/sa/node.def
deleted file mode 100644
index be8f108..0000000
--- a/templates/show/vpn/ipsec/sa/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-help: Show all active IPsec Security Associations (SA)
-
-run: if pgrep charon >&/dev/null; then
-        sudo /usr/sbin/swanctl --list-sas
-     else
-        echo -e "IPSec Process NOT Running\n"
-     fi
-
diff --git a/templates/show/vpn/ipsec/sa/node.def.in b/templates/show/vpn/ipsec/sa/node.def.in
new file mode 100644
index 0000000..036a1d7
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/node.def.in
@@ -0,0 +1,3 @@
+help: Show all active IPsec Security Associations (SA)
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa
+     sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa
diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in
new file mode 100644
index 0000000..1cae596
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show all active IPsec Security Associations (SA) for a peer
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-peer="$6"
diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in
new file mode 100644
index 0000000..8cc8a9c
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show the active IPsec Security Association (SA) for a peer's tunnel
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[5]}
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-conn $6 $8
diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in
new file mode 100644
index 0000000..30ed853
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show all active IPsec Security Associations (SA) for a profile
+allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-profiles-for-cli
+run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-profile="$6"
diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in
new file mode 100644
index 0000000..3d643bc
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show the active IPsec Security Association (SA) for a profile's tunnel
+allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[5]}
+run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-conn $6 $8
diff --git a/templates/show/vpn/ipsec/sa/statistics/node.def.in b/templates/show/vpn/ipsec/sa/statistics/node.def.in
new file mode 100644
index 0000000..5832f1a
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/statistics/node.def.in
@@ -0,0 +1,3 @@
+help: Show statistics of all active tunnels that have IPsec Security Associations (SA)
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats
+     sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-stats
diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in
new file mode 100644
index 0000000..8b72451
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show stats for all active IPsec Security Associations (SA) for a peer
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats-peer="$7"
diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in
new file mode 100644
index 0000000..6566a44
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show stats for the active IPsec Security Association (SA) for a peer's tunnel
+allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]}
+run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats-conn $7 $9
diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in
new file mode 100644
index 0000000..1bc76d6
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show stats for all active IPsec Security Associations (SA) for a profile
+allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-profiles-for-cli
+run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-profile="$7"
diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in
new file mode 100644
index 0000000..9ae35c8
--- /dev/null
+++ b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in
@@ -0,0 +1,3 @@
+help: Show stats for the active IPsec Security Association (SA) for a tunnel bound to profile
+allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]}
+run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-conn $7 $9
diff --git a/templates/show/vpn/ipsec/status/node.def b/templates/show/vpn/ipsec/status/node.def.in
index 3c48c60..838a133 100644
--- a/templates/show/vpn/ipsec/status/node.def
+++ b/templates/show/vpn/ipsec/status/node.def.in
@@ -1,6 +1,6 @@
 help: Show status of IPsec process
 run: if pgrep charon >&/dev/null; then
-        /opt/vyatta/bin/sudo-users/vyatta-show-ipsec-status.pl
+        @SUDOUSRDIR@/vyatta-show-ipsec-status.pl
      else
         echo -e "IPSec Process NOT Running\n"
      fi
author	Kim <UnicronNL@users.noreply.github.com>	2016-05-11 09:03:14 +0200
committer	Kim <UnicronNL@users.noreply.github.com>	2016-05-11 09:03:14 +0200
commit	12f6e2a466fbed1d1385c0c5a91f89590e6e42bd (patch)
tree	7f2a637e23da8aa98f4849898779ab02e16cccd6 /templates
parent	62f949c33b285f9f5821ca9cc1dce2ab7a84aaf3 (diff)
parent	b39936ffc4cf89da8fc442eb3ac8bdc7a130b877 (diff)
download	vyatta-op-vpn-12f6e2a466fbed1d1385c0c5a91f89590e6e42bd.tar.gz vyatta-op-vpn-12f6e2a466fbed1d1385c0c5a91f89590e6e42bd.zip