summaryrefslogtreecommitdiff
path: root/op-mode-definitions/vpn-ipsec.xml.in
diff options
context:
space:
mode:
Diffstat (limited to 'op-mode-definitions/vpn-ipsec.xml.in')
-rw-r--r--op-mode-definitions/vpn-ipsec.xml.in37
1 files changed, 23 insertions, 14 deletions
diff --git a/op-mode-definitions/vpn-ipsec.xml.in b/op-mode-definitions/vpn-ipsec.xml.in
index 3d997c143..803ce4cc2 100644
--- a/op-mode-definitions/vpn-ipsec.xml.in
+++ b/op-mode-definitions/vpn-ipsec.xml.in
@@ -19,16 +19,16 @@
<properties>
<help>Reset a specific tunnel for given peer</help>
</properties>
- <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-peer" --name="$4" --tunnel="$6"</command>
+ <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="$6"</command>
</tagNode>
<node name="vti">
<properties>
<help>Reset the VTI tunnel for given peer</help>
</properties>
- <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-peer" --name="$4" --tunnel="vti"</command>
+ <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="vti"</command>
</node>
</children>
- <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-peer" --name="$4" --tunnel="all"</command>
+ <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="all"</command>
</tagNode>
<tagNode name="ipsec-profile">
<properties>
@@ -55,9 +55,9 @@
<children>
<node name="vpn">
<properties>
- <help>Restart IPSec VPN</help>
+ <help>Restart the IPsec VPN process</help>
</properties>
- <command>if pgrep charon >/dev/null ; then sudo ipsec restart ; sleep 3 ; sudo swanctl -q ; else echo "IPSec process not running" ; fi</command>
+ <command>if pgrep charon >/dev/null ; then sudo ipsec restart ; sleep 3 ; sudo swanctl -q ; else echo "IPsec process not running" ; fi</command>
</node>
</children>
</node>
@@ -76,6 +76,9 @@
<tagNode name="peer">
<properties>
<help>Show debugging information for a peer</help>
+ <completionHelp>
+ <path>vpn ipsec site-to-site peer</path>
+ </completionHelp>
</properties>
<children>
<tagNode name="tunnel">
@@ -131,9 +134,15 @@
</node>
<node name="ipsec">
<properties>
- <help>Show Internet Protocol Security (IPSec) information</help>
+ <help>Show Internet Protocol Security (IPsec) information</help>
</properties>
<children>
+ <node name="connections">
+ <properties>
+ <help>Show VPN connections</help>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/ipsec.py show_connections</command>
+ </node>
<node name="policy">
<properties>
<help>Show the in-kernel crypto policies</help>
@@ -148,19 +157,19 @@
</leafNode>
<node name="sa">
<properties>
- <help>Show all active IPSec Security Associations (SA)</help>
+ <help>Show all active IPsec Security Associations (SA)</help>
</properties>
<children>
<!--
<node name="detail">
<properties>
- <help>Show Detail on all active IPSec Security Associations (SA)</help>
+ <help>Show Detail on all active IPsec Security Associations (SA)</help>
</properties>
<command></command>
</node>
<tagNode name="stats">
<properties>
- <help>Show statistics for all currently active IPSec Security Associations (SA)</help>
+ <help>Show statistics for all currently active IPsec Security Associations (SA)</help>
<valueHelp>
<format>txt</format>
<description>Show Statistics for SAs associated with a specific peer</description>
@@ -179,12 +188,12 @@
-->
<node name="verbose">
<properties>
- <help>Show Verbose Detail on all active IPSec Security Associations (SA)</help>
+ <help>Show Verbose Detail on all active IPsec Security Associations (SA)</help>
</properties>
- <command>if pgrep charon >/dev/null ; then sudo /usr/sbin/ipsec statusall ; else echo "IPSec process not running" ; fi</command>
+ <command>if pgrep charon >/dev/null ; then sudo /usr/sbin/ipsec statusall ; else echo "IPsec process not running" ; fi</command>
</node>
</children>
- <command>if pgrep charon >/dev/null ; then sudo ${vyos_op_scripts_dir}/show_ipsec_sa.py ; else echo "IPSec process not running" ; fi</command>
+ <command>if pgrep charon >/dev/null ; then sudo ${vyos_op_scripts_dir}/ipsec.py show_sa ; else echo "IPsec process not running" ; fi</command>
</node>
<node name="state">
<properties>
@@ -194,9 +203,9 @@
</node>
<node name="status">
<properties>
- <help>Show status of IPSec process</help>
+ <help>Show status of IPsec process</help>
</properties>
- <command>if pgrep charon >/dev/null ; then echo -e "IPSec Process Running: $(pgrep charon)\n$(sudo /usr/sbin/ipsec status)" ; else echo "IPSec process not running" ; fi</command>
+ <command>if pgrep charon >/dev/null ; then echo -e "IPsec Process Running: $(pgrep charon)\n$(sudo /usr/sbin/ipsec status)" ; else echo "IPsec process not running" ; fi</command>
</node>
</children>
</node>