diff options
Diffstat (limited to 'templates')
46 files changed, 89 insertions, 50 deletions
diff --git a/templates/generate/vpn/rsa-key/bits/node.tag/node.def b/templates/generate/vpn/rsa-key/bits/node.tag/node.def.in index fa2fed2..2eae9cc 100644 --- a/templates/generate/vpn/rsa-key/bits/node.tag/node.def +++ b/templates/generate/vpn/rsa-key/bits/node.tag/node.def.in @@ -1,3 +1,3 @@ help: Generate local RSA key with specified number of bits -run: sudo /opt/vyatta/bin/sudo-users/gen_local_rsa_key.pl "$5" /dev/random +run: sudo @SUDOUSRDIR@/gen_local_rsa_key.pl "$5" /dev/random allowed: echo -n '<16-4096>' diff --git a/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def b/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def.in index eb11433..81a9633 100644 --- a/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def +++ b/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def.in @@ -1,3 +1,3 @@ help: Generate local RSA key with specified number of bits and random device -run: sudo /opt/vyatta/bin/sudo-users/gen_local_rsa_key.pl "$5" "$7" +run: sudo @SUDOUSRDIR@/gen_local_rsa_key.pl "$5" "$7" allowed: echo -n '/dev/random /dev/urandom' diff --git a/templates/generate/vpn/rsa-key/node.def b/templates/generate/vpn/rsa-key/node.def deleted file mode 100644 index 60296f2..0000000 --- a/templates/generate/vpn/rsa-key/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Generate local RSA key (default: bits=2192 device=/dev/random) -run: sudo /opt/vyatta/bin/sudo-users/gen_local_rsa_key.pl 2192 /dev/random diff --git a/templates/generate/vpn/rsa-key/node.def.in b/templates/generate/vpn/rsa-key/node.def.in new file mode 100644 index 0000000..482f32c --- /dev/null +++ b/templates/generate/vpn/rsa-key/node.def.in @@ -0,0 +1,2 @@ +help: Generate local RSA key (default: bits=2192 device=/dev/random) +run: sudo @SUDOUSRDIR@/gen_local_rsa_key.pl 2192 /dev/random diff --git a/templates/generate/vpn/x509/key-pair/node.tag/node.def b/templates/generate/vpn/x509/key-pair/node.tag/node.def.in index dc21935..2c87956 100644 --- a/templates/generate/vpn/x509/key-pair/node.tag/node.def +++ b/templates/generate/vpn/x509/key-pair/node.tag/node.def.in @@ -1,4 +1,4 @@ help: Generate x509 key-pair run: - sudo /opt/vyatta/sbin/vyatta-gen-x509-keypair $5 + sudo @SBINDIR@/vyatta-gen-x509-keypair $5 allowed: echo -n '<common-name>' diff --git a/templates/reset/vpn/ipsec-peer/node.tag/node.def b/templates/reset/vpn/ipsec-peer/node.tag/node.def deleted file mode 100644 index fa55d52..0000000 --- a/templates/reset/vpn/ipsec-peer/node.tag/node.def +++ /dev/null @@ -1,6 +0,0 @@ -help: Reset all tunnels for given peer - -allowed: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=get-all-peers - -run: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \ - --op=clear-tunnels-for-peer --peer="$4" diff --git a/templates/reset/vpn/ipsec-peer/node.tag/node.def.in b/templates/reset/vpn/ipsec-peer/node.tag/node.def.in new file mode 100644 index 0000000..621c40a --- /dev/null +++ b/templates/reset/vpn/ipsec-peer/node.tag/node.def.in @@ -0,0 +1,6 @@ +help: Reset all tunnels for given peer + +allowed: @SUDOUSRDIR@/vyatta-vpn-op.pl --op=get-all-peers + +run: @SUDOUSRDIR@/vyatta-vpn-op.pl \ + --op=clear-tunnels-for-peer --peer="$4" diff --git a/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def b/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def.in index eecb740..4407515 100644 --- a/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def +++ b/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def.in @@ -1,10 +1,10 @@ help: Reset a specific tunnel for given peer -allowed: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \ +allowed: @SUDOUSRDIR@/vyatta-vpn-op.pl \ --op=get-tunnels-for-peer \ --peer="${COMP_WORDS[COMP_CWORD-2]}" -run: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \ +run: @SUDOUSRDIR@/vyatta-vpn-op.pl \ --op=clear-specific-tunnel-for-peer \ --peer="$4" \ --tunnel="$6" diff --git a/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def b/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def.in index f0f39a8..2e8e9be 100644 --- a/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def +++ b/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def.in @@ -1,5 +1,5 @@ help: Reset a vti tunnel for given peer -run: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \ +run: @SUDOUSRDIR@/vyatta-vpn-op.pl \ --op=clear-vtis-for-peer \ --peer="$4" diff --git a/templates/reset/vpn/ipsec-profile/node.tag/node.def b/templates/reset/vpn/ipsec-profile/node.tag/node.def deleted file mode 100644 index 639fac3..0000000 --- a/templates/reset/vpn/ipsec-profile/node.tag/node.def +++ /dev/null @@ -1,6 +0,0 @@ -help: Reset all tunnels for given profile - -allowed: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl --op=get-all-profiles - -run: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl \ - --op=clear-tunnels-for-profile --profile="$4" diff --git a/templates/reset/vpn/ipsec-profile/node.tag/node.def.in b/templates/reset/vpn/ipsec-profile/node.tag/node.def.in new file mode 100644 index 0000000..ea90853 --- /dev/null +++ b/templates/reset/vpn/ipsec-profile/node.tag/node.def.in @@ -0,0 +1,6 @@ +help: Reset all tunnels for given profile + +allowed: @SUDOUSRDIR@/vyatta-dmvpn-op.pl --op=get-all-profiles + +run: @SUDOUSRDIR@/vyatta-dmvpn-op.pl \ + --op=clear-tunnels-for-profile --profile="$4" diff --git a/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def b/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def.in index 08e299f..f5eda6c 100644 --- a/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def +++ b/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def.in @@ -1,10 +1,10 @@ help: Reset a specific tunnel for given profile -allowed: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl \ +allowed: @SUDOUSRDIR@/vyatta-dmvpn-op.pl \ --op=get-tunnels-for-profile \ --profile="${COMP_WORDS[COMP_CWORD-2]}" -run: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl \ +run: @SUDOUSRDIR@/vyatta-dmvpn-op.pl \ --op=clear-specific-tunnel-for-profile \ --profile="$4" \ --tunnel="$6" diff --git a/templates/restart/vpn/node.def b/templates/restart/vpn/node.def.in index 6d0f50c..4366d19 100644 --- a/templates/restart/vpn/node.def +++ b/templates/restart/vpn/node.def.in @@ -3,7 +3,7 @@ run: if [ -n "$(cli-shell-api returnActiveValues \ vpn ipsec ipsec-interfaces interface)" ]; then if pgrep charon > /dev/null then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=clear-vpn-ipsec-process + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=clear-vpn-ipsec-process else echo IPsec process not running fi diff --git a/templates/show/vpn/debug/detail/node.def b/templates/show/vpn/debug/detail/node.def.in index 0f88f1e..8eb4e70 100644 --- a/templates/show/vpn/debug/detail/node.def +++ b/templates/show/vpn/debug/detail/node.def.in @@ -3,7 +3,7 @@ run: if [ -n "$(cli-shell-api returnActiveValues \ vpn ipsec ipsec-interfaces interface)" ]; then if pgrep charon > /dev/null then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug-detail + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug-detail else echo IPsec process not running fi diff --git a/templates/show/vpn/debug/node.def b/templates/show/vpn/debug/node.def.in index 281228a..6fb98de 100644 --- a/templates/show/vpn/debug/node.def +++ b/templates/show/vpn/debug/node.def.in @@ -3,7 +3,7 @@ run: if [ -n "$(cli-shell-api returnActiveValues \ vpn ipsec ipsec-interfaces interface)" ]; then if pgrep charon > /dev/null then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug else echo IPsec process not running fi diff --git a/templates/show/vpn/debug/peer/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/node.def.in index a3a9573..bd60ed5 100644 --- a/templates/show/vpn/debug/peer/node.tag/node.def +++ b/templates/show/vpn/debug/peer/node.tag/node.def.in @@ -1,10 +1,10 @@ help: Show debugging information for a peer -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli run: if [ -n "$(cli-shell-api returnActiveValues \ vpn ipsec ipsec-interfaces interface)" ]; then if pgrep charon > /dev/null then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep peer-$5 + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug | grep peer-$5 else echo IPsec process not running fi diff --git a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def.in index 3c96973..ca422e3 100644 --- a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def +++ b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def.in @@ -1,10 +1,10 @@ help: Show debugging information for a peer's tunnel -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[4]} +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[4]} run: if [ -n "$(cli-shell-api returnActiveValues \ vpn ipsec ipsec-interfaces interface)" ]; then if pgrep charon > /dev/null then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep "peer-$5-tunnel-$7" + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug | grep "peer-$5-tunnel-$7" else echo IPsec process not running fi diff --git a/templates/show/vpn/ike/rsa-keys/node.def b/templates/show/vpn/ike/rsa-keys/node.def deleted file mode 100644 index 6d3baa5..0000000 --- a/templates/show/vpn/ike/rsa-keys/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show VPN RSA keys -run: sudo /opt/vyatta/bin/sudo-users/vyatta-show-vpn.pl rsa-keys diff --git a/templates/show/vpn/ike/rsa-keys/node.def.in b/templates/show/vpn/ike/rsa-keys/node.def.in new file mode 100644 index 0000000..255ca18 --- /dev/null +++ b/templates/show/vpn/ike/rsa-keys/node.def.in @@ -0,0 +1,2 @@ +help: Show VPN RSA keys +run: sudo @SUDOUSRDIR@/vyatta-show-vpn.pl rsa-keys diff --git a/templates/show/vpn/ike/sa/nat-traversal/node.def b/templates/show/vpn/ike/sa/nat-traversal/node.def.in index 3855c49..6c62b12 100644 --- a/templates/show/vpn/ike/sa/nat-traversal/node.def +++ b/templates/show/vpn/ike/sa/nat-traversal/node.def.in @@ -1,2 +1,2 @@ help: Show all currently active IKE Security Associations (SA) that are using NAT Traversal -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-sa-natt +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-sa-natt diff --git a/templates/show/vpn/ike/sa/node.def b/templates/show/vpn/ike/sa/node.def deleted file mode 100644 index 051d657..0000000 --- a/templates/show/vpn/ike/sa/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show all currently active IKE Security Associations (SA) -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-sa diff --git a/templates/show/vpn/ike/sa/node.def.in b/templates/show/vpn/ike/sa/node.def.in new file mode 100644 index 0000000..e372ff7 --- /dev/null +++ b/templates/show/vpn/ike/sa/node.def.in @@ -0,0 +1,2 @@ +help: Show all currently active IKE Security Associations (SA) +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-sa diff --git a/templates/show/vpn/ike/sa/peer/node.tag/node.def b/templates/show/vpn/ike/sa/peer/node.tag/node.def deleted file mode 100644 index c76b71b..0000000 --- a/templates/show/vpn/ike/sa/peer/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show all currently active IKE Security Associations (SA) for a peer -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-sa-peer="$6" diff --git a/templates/show/vpn/ike/sa/peer/node.tag/node.def.in b/templates/show/vpn/ike/sa/peer/node.tag/node.def.in new file mode 100644 index 0000000..a9782ad --- /dev/null +++ b/templates/show/vpn/ike/sa/peer/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show all currently active IKE Security Associations (SA) for a peer +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-sa-peer="$6" diff --git a/templates/show/vpn/ike/secrets/node.def b/templates/show/vpn/ike/secrets/node.def deleted file mode 100644 index ec4073c..0000000 --- a/templates/show/vpn/ike/secrets/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show all the pre-shared key secrets -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-secrets diff --git a/templates/show/vpn/ike/secrets/node.def.in b/templates/show/vpn/ike/secrets/node.def.in new file mode 100644 index 0000000..3d1a32d --- /dev/null +++ b/templates/show/vpn/ike/secrets/node.def.in @@ -0,0 +1,2 @@ +help: Show all the pre-shared key secrets +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-secrets diff --git a/templates/show/vpn/ike/status/node.def b/templates/show/vpn/ike/status/node.def deleted file mode 100644 index e74a741..0000000 --- a/templates/show/vpn/ike/status/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show summary of IKE process information -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-status diff --git a/templates/show/vpn/ike/status/node.def.in b/templates/show/vpn/ike/status/node.def.in new file mode 100644 index 0000000..7cc9b10 --- /dev/null +++ b/templates/show/vpn/ike/status/node.def.in @@ -0,0 +1,2 @@ +help: Show summary of IKE process information +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-status diff --git a/templates/show/vpn/ipsec/sa/detail/node.def.in b/templates/show/vpn/ipsec/sa/detail/node.def.in new file mode 100644 index 0000000..781d61b --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/node.def.in @@ -0,0 +1,3 @@ +help: Show details for all active IPsec Security Associations (SA) +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-detail + sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-detail diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in new file mode 100644 index 0000000..659acfa --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show details for all active IPsec Security Associations (SA) for a peer +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-peer-detail="$7" diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..5c121c3 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show details for the active IPsec Security Associations (SA) for a peer's tunnel +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-conn-detail $7 $9 diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in new file mode 100644 index 0000000..bcbc520 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show details for all active IPsec Security Associations (SA) for a profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-profiles-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-profile-detail="$7" diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..e31b008 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show details for the active IPsec Security Associations (SA) for a tunnel bound to profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-conn-detail $7 $9 diff --git a/templates/show/vpn/ipsec/sa/nat-traversal/node.def.in b/templates/show/vpn/ipsec/sa/nat-traversal/node.def.in new file mode 100644 index 0000000..f3bbe87 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/nat-traversal/node.def.in @@ -0,0 +1,2 @@ +help: Show all active IPsec Security Associations (SA) that are using NAT Traversal +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-natt diff --git a/templates/show/vpn/ipsec/sa/node.def b/templates/show/vpn/ipsec/sa/node.def deleted file mode 100644 index be8f108..0000000 --- a/templates/show/vpn/ipsec/sa/node.def +++ /dev/null @@ -1,8 +0,0 @@ -help: Show all active IPsec Security Associations (SA) - -run: if pgrep charon >&/dev/null; then - sudo /usr/sbin/swanctl --list-sas - else - echo -e "IPSec Process NOT Running\n" - fi - diff --git a/templates/show/vpn/ipsec/sa/node.def.in b/templates/show/vpn/ipsec/sa/node.def.in new file mode 100644 index 0000000..036a1d7 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/node.def.in @@ -0,0 +1,3 @@ +help: Show all active IPsec Security Associations (SA) +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa + sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in new file mode 100644 index 0000000..1cae596 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show all active IPsec Security Associations (SA) for a peer +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-peer="$6" diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..8cc8a9c --- /dev/null +++ b/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show the active IPsec Security Association (SA) for a peer's tunnel +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[5]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-conn $6 $8 diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in new file mode 100644 index 0000000..30ed853 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show all active IPsec Security Associations (SA) for a profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-profiles-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-profile="$6" diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..3d643bc --- /dev/null +++ b/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show the active IPsec Security Association (SA) for a profile's tunnel +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[5]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-conn $6 $8 diff --git a/templates/show/vpn/ipsec/sa/statistics/node.def.in b/templates/show/vpn/ipsec/sa/statistics/node.def.in new file mode 100644 index 0000000..5832f1a --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/node.def.in @@ -0,0 +1,3 @@ +help: Show statistics of all active tunnels that have IPsec Security Associations (SA) +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats + sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-stats diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in new file mode 100644 index 0000000..8b72451 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show stats for all active IPsec Security Associations (SA) for a peer +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats-peer="$7" diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..6566a44 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show stats for the active IPsec Security Association (SA) for a peer's tunnel +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats-conn $7 $9 diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in new file mode 100644 index 0000000..1bc76d6 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show stats for all active IPsec Security Associations (SA) for a profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-profiles-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-profile="$7" diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..9ae35c8 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show stats for the active IPsec Security Association (SA) for a tunnel bound to profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-conn $7 $9 diff --git a/templates/show/vpn/ipsec/status/node.def b/templates/show/vpn/ipsec/status/node.def.in index 3c48c60..838a133 100644 --- a/templates/show/vpn/ipsec/status/node.def +++ b/templates/show/vpn/ipsec/status/node.def.in @@ -1,6 +1,6 @@ help: Show status of IPsec process run: if pgrep charon >&/dev/null; then - /opt/vyatta/bin/sudo-users/vyatta-show-ipsec-status.pl + @SUDOUSRDIR@/vyatta-show-ipsec-status.pl else echo -e "IPSec Process NOT Running\n" fi |