diff options
Diffstat (limited to 'op-mode-definitions/vpn-ipsec.xml.in')
| -rw-r--r-- | op-mode-definitions/vpn-ipsec.xml.in | 56 |
1 files changed, 28 insertions, 28 deletions
diff --git a/op-mode-definitions/vpn-ipsec.xml.in b/op-mode-definitions/vpn-ipsec.xml.in index 0a8671aeb..af7f12ba8 100644 --- a/op-mode-definitions/vpn-ipsec.xml.in +++ b/op-mode-definitions/vpn-ipsec.xml.in @@ -24,7 +24,7 @@ <properties> <help>Reset a specific tunnel for given DMVPN profile</help> <completionHelp> - <script>sudo ${vyos_completion_dir}/list_ipsec_profile_tunnels.py --profile ${COMP_WORDS[4]}</script> + <script>${vyos_completion_dir}/list_ipsec_profile_tunnels.py --profile ${COMP_WORDS[4]}</script> </completionHelp> </properties> <children> @@ -35,10 +35,10 @@ <list><x.x.x.x> <h:h:h:h:h:h:h:h></list> </completionHelp> </properties> - <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_profile_dst --profile="$5" --tunnel="$7" --nbma-dst="$9"</command> + <command>${vyos_op_scripts_dir}/ipsec.py reset_profile_dst --profile="$5" --tunnel="$7" --nbma-dst="$9"</command> </tagNode> </children> - <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_profile_all --profile="$5" --tunnel="$7"</command> + <command>${vyos_op_scripts_dir}/ipsec.py reset_profile_all --profile="$5" --tunnel="$7"</command> </tagNode> </children> </tagNode> @@ -51,13 +51,13 @@ <properties> <help>Reset all users current remote access IPSec VPN sessions</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_ra</command> + <command>${vyos_op_scripts_dir}/ipsec.py reset_ra</command> </node> <tagNode name="user"> <properties> <help>Reset specified user current remote access IPsec VPN session(s)</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_ra --user="$6"</command> + <command>${vyos_op_scripts_dir}/ipsec.py reset_ra --user="$6"</command> </tagNode> </children> </node> @@ -70,7 +70,7 @@ <properties> <help>Reset all site-to-site IPSec VPN sessions</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_all_peers</command> + <command>${vyos_op_scripts_dir}/ipsec.py reset_all_peers</command> </node> <tagNode name="peer"> <properties> @@ -87,16 +87,16 @@ <path>vpn ipsec site-to-site peer ${COMP_WORDS[5]} tunnel</path> </completionHelp> </properties> - <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$6" --tunnel="$8"</command> + <command>${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$6" --tunnel="$8"</command> </tagNode> <node name="vti"> <properties> <help>Reset the VTI tunnel for given peer</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$6" --tunnel="vti"</command> + <command>${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$6" --tunnel="vti"</command> </node> </children> - <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$6"</command> + <command>${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$6"</command> </tagNode> </children> </node> @@ -112,7 +112,7 @@ <properties> <help>Restart the IPsec VPN process</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name ipsec</command> + <command>${vyos_op_scripts_dir}/restart.py restart_service --name ipsec</command> </node> </children> </node> @@ -140,13 +140,13 @@ <properties> <help>Show debug information for peer tunnel</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="vpn-debug" --name="$5" --tunnel="$7"</command> + <command>${vyos_op_scripts_dir}/vpn_ipsec.py --action="vpn-debug" --name="$5" --tunnel="$7"</command> </tagNode> </children> - <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="vpn-debug" --name="$5" --tunnel="all"</command> + <command>${vyos_op_scripts_dir}/vpn_ipsec.py --action="vpn-debug" --name="$5" --tunnel="all"</command> </tagNode> </children> - <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="vpn-debug" --name="all"</command> + <command>${vyos_op_scripts_dir}/vpn_ipsec.py --action="vpn-debug" --name="all"</command> </node> <node name="ike"> <properties> @@ -162,16 +162,16 @@ <properties> <help>Show all currently active IKE Security Associations (SA) that are using NAT Traversal</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/vpn_ike_sa.py --nat="yes"</command> + <command>${vyos_op_scripts_dir}/vpn_ike_sa.py --nat="yes"</command> </node> <tagNode name="peer"> <properties> <help>Show all currently active IKE Security Associations (SA) for a peer</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/vpn_ike_sa.py --peer="$6"</command> + <command>${vyos_op_scripts_dir}/vpn_ike_sa.py --peer="$6"</command> </tagNode> </children> - <command>sudo ${vyos_op_scripts_dir}/vpn_ike_sa.py</command> + <command>${vyos_op_scripts_dir}/vpn_ike_sa.py</command> </node> <node name="secrets"> <properties> @@ -183,7 +183,7 @@ <properties> <help>Show summary of IKE process information</help> </properties> - <command>if systemctl is-active --quiet strongswan ; then systemctl status strongswan ; else echo "Process is not running" ; fi</command> + <command>systemctl status strongswan</command> </node> </children> </node> @@ -196,13 +196,13 @@ <properties> <help>Show VPN connections</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/ipsec.py show_connections</command> + <command>${vyos_op_scripts_dir}/ipsec.py show_connections</command> </node> <node name="policy"> <properties> <help>Show the in-kernel crypto policies</help> </properties> - <command>sudo ip xfrm policy list</command> + <command>ip xfrm policy list</command> </node> <node name="remote-access"> <properties> @@ -213,25 +213,25 @@ <properties> <help>Show detail active IKEv2 RA sessions</help> </properties> - <command>if systemctl is-active --quiet strongswan ; then sudo ${vyos_op_scripts_dir}/ipsec.py show_ra_detail; else echo "IPsec process not running" ; fi</command> + <command>${vyos_op_scripts_dir}/ipsec.py show_ra_detail</command> </node> <tagNode name="connection-id"> <properties> <help>Show detail active IKEv2 RA sessions by connection-id</help> </properties> - <command>if systemctl is-active --quiet strongswan ; then sudo ${vyos_op_scripts_dir}/ipsec.py show_ra_detail --conn-id="$6"; else echo "IPsec process not running" ; fi</command> + <command>${vyos_op_scripts_dir}/ipsec.py show_ra_detail --conn-id="$6"</command> </tagNode> <node name="summary"> <properties> <help>Show active IKEv2 RA sessions summary</help> </properties> - <command>if systemctl is-active --quiet strongswan ; then sudo ${vyos_op_scripts_dir}/ipsec.py show_ra_summary; else echo "IPsec process not running" ; fi</command> + <command>${vyos_op_scripts_dir}/ipsec.py show_ra_summary; else echo "IPsec process not running"</command> </node> <tagNode name="username"> <properties> <help>Show detail active IKEv2 RA sessions by username</help> </properties> - <command>if systemctl is-active --quiet strongswan ; then sudo ${vyos_op_scripts_dir}/ipsec.py show_ra_detail --username="$6"; else echo "IPsec process not running" ; fi</command> + <command>${vyos_op_scripts_dir}/ipsec.py show_ra_detail --username="$6"</command> </tagNode> </children> </node> @@ -268,24 +268,24 @@ --> <node name="detail"> <properties> - <help>Show Verbose Detail on all active IPsec Security Associations (SA)</help> + <help>Show verbose details on all active IPsec security associations (SA)</help> </properties> - <command>if systemctl is-active --quiet strongswan ; then sudo ${vyos_op_scripts_dir}/ipsec.py show_sa_detail ; else echo "IPsec process not running" ; fi</command> + <command>${vyos_op_scripts_dir}/ipsec.py show_sa_detail</command> </node> </children> - <command>if systemctl is-active --quiet strongswan ; then sudo ${vyos_op_scripts_dir}/ipsec.py show_sa ; else echo "IPsec process not running" ; fi</command> + <command>${vyos_op_scripts_dir}/ipsec.py show_sa</command> </node> <node name="state"> <properties> <help>Show the in-kernel crypto state</help> </properties> - <command>sudo ip xfrm state list</command> + <command>ip xfrm state list</command> </node> <node name="status"> <properties> <help>Show status of IPsec process</help> </properties> - <command>if systemctl is-active --quiet strongswan >/dev/null ; then echo -e "IPsec Process Running: $(pgrep charon)\n$(sudo /usr/sbin/ipsec status)" ; else echo "IPsec process not running" ; fi</command> + <command>/usr/sbin/ipsec status</command> </node> </children> </node> |