op-mode: T4395: Extend show vpn debug

Get more VPN IPSec information with swanctl and iproute2 commands
author: Viacheslav Hletenko <v.gletenko@vyos.io> 2022-04-25 09:25:11 +0000
committer: Viacheslav Hletenko <v.gletenko@vyos.io> 2022-04-25 09:25:11 +0000
commit: 73ac84619e6a71933d0f4cd3432f066a2a731128 (patch)
tree: d2744849dc5fd10c5ec192911e2cb8730e83c8be /src/op_mode
parent: fd9f82f96041b137885c99c526ac6efe2c4abc57 (diff)
download: vyos-1x-73ac84619e6a71933d0f4cd3432f066a2a731128.tar.gz
vyos-1x-73ac84619e6a71933d0f4cd3432f066a2a731128.zip
1 files changed, 16 insertions, 1 deletions
diff --git a/src/op_mode/vpn_ipsec.py b/src/op_mode/vpn_ipsec.py
index 40854fa8f..8955e5a59 100755
--- a/src/op_mode/vpn_ipsec.py
+++ b/src/op_mode/vpn_ipsec.py
@@ -88,7 +88,22 @@ def reset_profile(profile, tunnel):
 
 def debug_peer(peer, tunnel):
     if not peer or peer == "all":
-        call('sudo /usr/sbin/ipsec statusall')
+        debug_commands = [
+            "sudo ipsec statusall",
+            "sudo swanctl -L",
+            "sudo swanctl -l",
+            "sudo swanctl -P",
+            "sudo ip x sa show",
+            "sudo ip x policy show",
+            "sudo ip tunnel show",
+            "sudo ip address",
+            "sudo ip rule show",
+            "sudo ip route | head -100",
+            "sudo ip route show table 220"
+        ]
+        for debug_cmd in debug_commands:
+            print(f'\n### {debug_cmd} ###')
+            call(debug_cmd)
         return
 
     if not tunnel or tunnel == 'all':
author	Viacheslav Hletenko <v.gletenko@vyos.io>	2022-04-25 09:25:11 +0000
committer	Viacheslav Hletenko <v.gletenko@vyos.io>	2022-04-25 09:25:11 +0000
commit	73ac84619e6a71933d0f4cd3432f066a2a731128 (patch)
tree	d2744849dc5fd10c5ec192911e2cb8730e83c8be /src/op_mode
parent	fd9f82f96041b137885c99c526ac6efe2c4abc57 (diff)
download	vyos-1x-73ac84619e6a71933d0f4cd3432f066a2a731128.tar.gz vyos-1x-73ac84619e6a71933d0f4cd3432f066a2a731128.zip