Merge pull request #1894 from aapostoliuk/T5043-sagitta

ipsec: T5043: Rewritten and fixed 'reset vpn' commands

1 files changed, 68 insertions, 29 deletions

diff --git a/op-mode-definitions/vpn-ipsec.xml.in b/op-mode-definitions/vpn-ipsec.xml.in
index ee006a2d5..5baaec7ce 100644
--- a/op-mode-definitions/vpn-ipsec.xml.in
+++ b/op-mode-definitions/vpn-ipsec.xml.in
@@ -7,49 +7,88 @@
           <help>Reset Virtual Private Network (VPN) information</help>
         </properties>
         <children>
-          <tagNode name="ipsec-peer">
+          <node name="ipsec">
             <properties>
-              <help>Reset all tunnels for given peer</help>
-              <completionHelp>
-                <path>vpn ipsec site-to-site peer</path>
-              </completionHelp>
+              <help>Reset IPSec VPN sessions</help>
             </properties>
             <children>
-              <tagNode name="tunnel">
+              <tagNode name="profile">
                 <properties>
-                  <help>Reset a specific tunnel for given peer</help>
+                  <help>Reset all tunnels for given DMVPN profile</help>
                   <completionHelp>
-                    <path>vpn ipsec site-to-site peer ${COMP_WORDS[3]} tunnel</path>
+                    <path>vpn ipsec profile</path>
                   </completionHelp>
                 </properties>
-                <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="$6"</command>
+                <children>
+                  <tagNode name="tunnel">
+                    <properties>
+                      <help>Reset a specific tunnel for given DMVPN profile</help>
+                    </properties>
+                    <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-profile" --name="$6" --tunnel="$8"</command>
+                  </tagNode>
+                </children>
+                <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-profile" --name="$6" --tunnel="all"</command>
               </tagNode>
-              <node name="vti">
+              <node name="remote-access">
                 <properties>
-                  <help>Reset the VTI tunnel for given peer</help>
+                  <help>Reset remote access IPSec VPN connections</help>
                 </properties>
-                <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="vti"</command>
+                <children>
+                  <node name="all">
+                    <properties>
+                      <help>Reset all users current remote access IPSec VPN sessions</help>
+                    </properties>
+                     <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_ra</command>
+                  </node>
+                  <tagNode name="user">
+                    <properties>
+                      <help>Reset specified user current remote access IPsec VPN session(s)</help>
+                    </properties>
+                    <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_ra --user="$6"</command>
+                  </tagNode>
+                </children>
               </node>
-            </children>
-            <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4"</command>
-          </tagNode>
-          <tagNode name="ipsec-profile">
-            <properties>
-              <help>Reset all tunnels for given DMVPN profile</help>
-              <completionHelp>
-                <path>vpn ipsec profile</path>
-              </completionHelp>
-            </properties>
-            <children>
-              <tagNode name="tunnel">
+              <node name="site-to-site">
                 <properties>
-                  <help>Reset a specific tunnel for given DMVPN profile</help>
+                  <help>Reset site-to-site IPSec VPN connections</help>
                 </properties>
-                <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-profile" --name="$4" --tunnel="$6"</command>
-              </tagNode>
+                <children>
+                  <node name="all">
+                    <properties>
+                      <help>Reset all site-to-site IPSec VPN sessions</help>
+                    </properties>
+                     <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_all_peers</command>
+                  </node>
+                  <tagNode name="peer">
+                    <properties>
+                      <help>Reset all tunnels for given peer</help>
+                      <completionHelp>
+                        <path>vpn ipsec site-to-site peer</path>
+                      </completionHelp>
+                    </properties>
+                    <children>
+                      <tagNode name="tunnel">
+                        <properties>
+                          <help>Reset a specific tunnel for given peer</help>
+                          <completionHelp>
+                            <path>vpn ipsec site-to-site peer ${COMP_WORDS[5]} tunnel</path>
+                          </completionHelp>
+                        </properties>
+                        <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$6" --tunnel="$8"</command>
+                      </tagNode>
+                      <node name="vti">
+                        <properties>
+                          <help>Reset the VTI tunnel for given peer</help>
+                        </properties>
+                        <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$6" --tunnel="vti"</command>
+                      </node>
+                    </children>
+                    <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$6"</command>
+                  </tagNode>
+                </children>
+              </node>
             </children>
-            <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-profile" --name="$4" --tunnel="all"</command>
-          </tagNode>
+          </node>
         </children>
       </node>
     </children>