summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/OPMode.pm2
-rw-r--r--scripts/vyatta-show-ipsec-status.pl2
-rwxr-xr-xscripts/vyatta-vpn-op.pl27
-rw-r--r--templates/restart/vpn/node.def2
-rw-r--r--templates/show/vpn/debug/detail/node.def2
-rw-r--r--templates/show/vpn/debug/node.def2
-rw-r--r--templates/show/vpn/debug/peer/node.tag/node.def2
-rw-r--r--templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def2
-rw-r--r--templates/show/vpn/ipsec/sa/detail/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/detail/peer/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/detail/profile/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/nat-traversal/node.def2
-rw-r--r--templates/show/vpn/ipsec/sa/node.def9
-rw-r--r--templates/show/vpn/ipsec/sa/peer/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/peer/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/profile/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/profile/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/statistics/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/statistics/peer/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/statistics/profile/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.def1
-rw-r--r--templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def3
-rw-r--r--templates/show/vpn/ipsec/status/node.def2
37 files changed, 20 insertions, 88 deletions
diff --git a/lib/OPMode.pm b/lib/OPMode.pm
index fa51c66..ed57ea2 100644
--- a/lib/OPMode.pm
+++ b/lib/OPMode.pm
@@ -869,7 +869,7 @@ sub show_ipsec_sa_natt
display_ipsec_sa_brief(\%tmphash);
}
sub show_ike_status{
- my $process_id = `sudo cat /var/run/pluto.pid`;
+ my $process_id = `sudo cat /var/run/charon.pid`;
chomp $process_id;
print <<EOS;
diff --git a/scripts/vyatta-show-ipsec-status.pl b/scripts/vyatta-show-ipsec-status.pl
index faa931e..a96d1dd 100644
--- a/scripts/vyatta-show-ipsec-status.pl
+++ b/scripts/vyatta-show-ipsec-status.pl
@@ -97,7 +97,7 @@ sub relate_intfs_with_localips {
# main
#
-my $process_id = `sudo cat /var/run/pluto.pid`;
+my $process_id = `sudo cat /var/run/charon.pid`;
my $active_tunnels = `sudo ipsec status 2>/dev/null | grep 'newest IPsec SA: #' | grep -v 'newest IPsec SA: #0' | wc -l`;
chomp $process_id;
chomp $active_tunnels;
diff --git a/scripts/vyatta-vpn-op.pl b/scripts/vyatta-vpn-op.pl
index f862ef7..55ea1d5 100755
--- a/scripts/vyatta-vpn-op.pl
+++ b/scripts/vyatta-vpn-op.pl
@@ -44,28 +44,11 @@ sub clear_tunnel {
my $cmd = undef;
print "Resetting tunnel $tunnel with peer $peer...\n";
-
- # back-up ipsec.conf
- `sudo cp /etc/ipsec.conf /etc/ipsec.conf.bak.\$PPID`;
-
- # remove specific connection from ipsec.conf
- `sudo sed -i -e '/conn peer-$peer-tunnel-$tunnel/,/#conn peer-$peer-tunnel-$tunnel/d' /etc/ipsec.conf`;
-
- # update ipsec connections
- `sudo /usr/sbin/ipsec update >&/dev/null`;
-
- # sleep for 1/4th of a second for connection to go down
- `sudo sleep 0.25`;
-
- # move original ipsec.conf back
- `sudo mv /etc/ipsec.conf.bak.\$PPID /etc/ipsec.conf`;
-
- # update ipsec connections
- `sudo /usr/sbin/ipsec update >&/dev/null`;
-
- # sleep for 3/4th of a second for connection to come up
- # this gives us sometime before bringing clearing another tunnel
- `sudo sleep 0.75`;
+
+ # bring down the tunnel
+ `sudo /usr/sbin/ipsec down peer-$peer-tunnel-$tunnel`;
+ # bring up the tunnel
+ `sudo /usr/sbin/ipsec up peer-$peer-tunnel-$tunnel`;
}
if ($op eq '') {
diff --git a/templates/restart/vpn/node.def b/templates/restart/vpn/node.def
index 7cb9387..6d0f50c 100644
--- a/templates/restart/vpn/node.def
+++ b/templates/restart/vpn/node.def
@@ -1,7 +1,7 @@
help: Restart IPsec VPN
run: if [ -n "$(cli-shell-api returnActiveValues \
vpn ipsec ipsec-interfaces interface)" ]; then
- if pgrep pluto > /dev/null
+ if pgrep charon > /dev/null
then
/opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=clear-vpn-ipsec-process
else
diff --git a/templates/show/vpn/debug/detail/node.def b/templates/show/vpn/debug/detail/node.def
index ee3604d..0f88f1e 100644
--- a/templates/show/vpn/debug/detail/node.def
+++ b/templates/show/vpn/debug/detail/node.def
@@ -1,7 +1,7 @@
help: Show detailed VPN debugging information
run: if [ -n "$(cli-shell-api returnActiveValues \
vpn ipsec ipsec-interfaces interface)" ]; then
- if pgrep pluto > /dev/null
+ if pgrep charon > /dev/null
then
/opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug-detail
else
diff --git a/templates/show/vpn/debug/node.def b/templates/show/vpn/debug/node.def
index 7a33888..281228a 100644
--- a/templates/show/vpn/debug/node.def
+++ b/templates/show/vpn/debug/node.def
@@ -1,7 +1,7 @@
help: Show VPN debugging information
run: if [ -n "$(cli-shell-api returnActiveValues \
vpn ipsec ipsec-interfaces interface)" ]; then
- if pgrep pluto > /dev/null
+ if pgrep charon > /dev/null
then
/opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug
else
diff --git a/templates/show/vpn/debug/peer/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/node.def
index a27063a..a3a9573 100644
--- a/templates/show/vpn/debug/peer/node.tag/node.def
+++ b/templates/show/vpn/debug/peer/node.tag/node.def
@@ -2,7 +2,7 @@ help: Show debugging information for a peer
allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli
run: if [ -n "$(cli-shell-api returnActiveValues \
vpn ipsec ipsec-interfaces interface)" ]; then
- if pgrep pluto > /dev/null
+ if pgrep charon > /dev/null
then
/opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep peer-$5
else
diff --git a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def
index c141ac0..3c96973 100644
--- a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def
+++ b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def
@@ -2,7 +2,7 @@ help: Show debugging information for a peer's tunnel
allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[4]}
run: if [ -n "$(cli-shell-api returnActiveValues \
vpn ipsec ipsec-interfaces interface)" ]; then
- if pgrep pluto > /dev/null
+ if pgrep charon > /dev/null
then
/opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep "peer-$5-tunnel-$7"
else
diff --git a/templates/show/vpn/ipsec/sa/detail/node.def b/templates/show/vpn/ipsec/sa/detail/node.def
deleted file mode 100644
index 1397817..0000000
--- a/templates/show/vpn/ipsec/sa/detail/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show details for all active IPsec Security Associations (SA)
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-detail
- sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-detail
diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.def b/templates/show/vpn/ipsec/sa/detail/peer/node.def
deleted file mode 100644
index bbb34b8..0000000
--- a/templates/show/vpn/ipsec/sa/detail/peer/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show details for all active IPsec Security Associations (SA) for a peer
diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def
deleted file mode 100644
index cad43ba..0000000
--- a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show details for all active IPsec Security Associations (SA) for a peer
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-peer-detail="$7"
diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.def b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.def
deleted file mode 100644
index 1bc4f2f..0000000
--- a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show details for the active IPsec Security Association (SA) for a peer's tunnel
diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def
deleted file mode 100644
index 470578e..0000000
--- a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show details for the active IPsec Security Associations (SA) for a peer's tunnel
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]}
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-conn-detail $7 $9
diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.def b/templates/show/vpn/ipsec/sa/detail/profile/node.def
deleted file mode 100644
index 00a4e7c..0000000
--- a/templates/show/vpn/ipsec/sa/detail/profile/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show details for all active IPsec Security Associations (SA) for a profile
diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def
deleted file mode 100644
index fbb6218..0000000
--- a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show details for all active IPsec Security Associations (SA) for a profile
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-profiles-for-cli
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-profile-detail="$7"
diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.def b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.def
deleted file mode 100644
index 58100d8..0000000
--- a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show details for the active IPsec Security Association (SA) for a tunnel bound to profile
diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def
deleted file mode 100644
index ac5fd14..0000000
--- a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show details for the active IPsec Security Associations (SA) for a tunnel bound to profile
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]}
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-conn-detail $7 $9
diff --git a/templates/show/vpn/ipsec/sa/nat-traversal/node.def b/templates/show/vpn/ipsec/sa/nat-traversal/node.def
deleted file mode 100644
index 7ea610b..0000000
--- a/templates/show/vpn/ipsec/sa/nat-traversal/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: Show all active IPsec Security Associations (SA) that are using NAT Traversal
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-natt
diff --git a/templates/show/vpn/ipsec/sa/node.def b/templates/show/vpn/ipsec/sa/node.def
index 287d489..be8f108 100644
--- a/templates/show/vpn/ipsec/sa/node.def
+++ b/templates/show/vpn/ipsec/sa/node.def
@@ -1,3 +1,8 @@
help: Show all active IPsec Security Associations (SA)
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa
- sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa
+
+run: if pgrep charon >&/dev/null; then
+ sudo /usr/sbin/swanctl --list-sas
+ else
+ echo -e "IPSec Process NOT Running\n"
+ fi
+
diff --git a/templates/show/vpn/ipsec/sa/peer/node.def b/templates/show/vpn/ipsec/sa/peer/node.def
deleted file mode 100644
index 7e5e913..0000000
--- a/templates/show/vpn/ipsec/sa/peer/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show all active IPsec Security Associations (SA) for a peer
diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def
deleted file mode 100644
index 559bed5..0000000
--- a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show all active IPsec Security Associations (SA) for a peer
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-peer="$6"
diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.def b/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.def
deleted file mode 100644
index 0772ef3..0000000
--- a/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show the active IPsec Security Association (SA) for a peer's tunnel
diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def
deleted file mode 100644
index 195f37a..0000000
--- a/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show the active IPsec Security Association (SA) for a peer's tunnel
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[5]}
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-conn $6 $8
diff --git a/templates/show/vpn/ipsec/sa/profile/node.def b/templates/show/vpn/ipsec/sa/profile/node.def
deleted file mode 100644
index a0d7b44..0000000
--- a/templates/show/vpn/ipsec/sa/profile/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show all active IPsec Security Associations (SA) for a profile
diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/node.def b/templates/show/vpn/ipsec/sa/profile/node.tag/node.def
deleted file mode 100644
index 76e66a5..0000000
--- a/templates/show/vpn/ipsec/sa/profile/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show all active IPsec Security Associations (SA) for a profile
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-profiles-for-cli
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-profile="$6"
diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.def b/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.def
deleted file mode 100644
index ca0ec72..0000000
--- a/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show the active IPsec Security Association (SA) for a profiles's tunnel
diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def
deleted file mode 100644
index 3f0af98..0000000
--- a/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show the active IPsec Security Association (SA) for a profile's tunnel
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[5]}
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-conn $6 $8
diff --git a/templates/show/vpn/ipsec/sa/statistics/node.def b/templates/show/vpn/ipsec/sa/statistics/node.def
deleted file mode 100644
index 84fa4b7..0000000
--- a/templates/show/vpn/ipsec/sa/statistics/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show statistics of all active tunnels that have IPsec Security Associations (SA)
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-stats
- sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-stats
diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.def b/templates/show/vpn/ipsec/sa/statistics/peer/node.def
deleted file mode 100644
index b104a83..0000000
--- a/templates/show/vpn/ipsec/sa/statistics/peer/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show stats for all active IPsec Security Associations (SA) for a peer
diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def
deleted file mode 100644
index 758333e..0000000
--- a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show stats for all active IPsec Security Associations (SA) for a peer
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-stats-peer="$7"
diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.def b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.def
deleted file mode 100644
index 561cd42..0000000
--- a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show stats for the active IPsec Security Association (SA) for a peer's tunnel
diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def
deleted file mode 100644
index 1902c22..0000000
--- a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show stats for the active IPsec Security Association (SA) for a peer's tunnel
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]}
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-stats-conn $7 $9
diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.def b/templates/show/vpn/ipsec/sa/statistics/profile/node.def
deleted file mode 100644
index 7b5e040..0000000
--- a/templates/show/vpn/ipsec/sa/statistics/profile/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show stats for all active IPsec Security Associations (SA) for a profile
diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def
deleted file mode 100644
index 9d49f44..0000000
--- a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show stats for all active IPsec Security Associations (SA) for a profile
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-profiles-for-cli
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-profile="$7"
diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.def b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.def
deleted file mode 100644
index 4b131c5..0000000
--- a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Show stats for the active IPsec Security Association (SA) for a tunnel bound to profile
diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def
deleted file mode 100644
index b8aa7dc..0000000
--- a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Show stats for the active IPsec Security Association (SA) for a tunnel bound to profile
-allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]}
-run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-conn $7 $9
diff --git a/templates/show/vpn/ipsec/status/node.def b/templates/show/vpn/ipsec/status/node.def
index bf4ebf7..3c48c60 100644
--- a/templates/show/vpn/ipsec/status/node.def
+++ b/templates/show/vpn/ipsec/status/node.def
@@ -1,5 +1,5 @@
help: Show status of IPsec process
-run: if pgrep pluto >&/dev/null; then
+run: if pgrep charon >&/dev/null; then
/opt/vyatta/bin/sudo-users/vyatta-show-ipsec-status.pl
else
echo -e "IPSec Process NOT Running\n"