diff options
Diffstat (limited to 'op-mode-definitions')
46 files changed, 912 insertions, 301 deletions
diff --git a/op-mode-definitions/clear-dhcp-server-lease.xml.in b/op-mode-definitions/clear-dhcp-server-lease.xml.in new file mode 100644 index 000000000..b1241588c --- /dev/null +++ b/op-mode-definitions/clear-dhcp-server-lease.xml.in @@ -0,0 +1,20 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="clear"> + <children> + <node name="dhcp-server"> + <properties> + <help>clear DHCP server lease</help> + </properties> + <children> + <tagNode name="lease"> + <properties> + <help>DHCP server lease</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/clear_dhcp_lease.py --ip $4</command> + </tagNode> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/clear-session.xml.in b/op-mode-definitions/clear-session.xml.in new file mode 100644 index 000000000..bfafe6312 --- /dev/null +++ b/op-mode-definitions/clear-session.xml.in @@ -0,0 +1,16 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="clear"> + <children> + <tagNode name="session"> + <properties> + <help>Terminate TTY or PTS user session</help> + <completionHelp> + <script>who | awk '{print $2}'</script> + </completionHelp> + </properties> + <command>sudo pkill -9 -t $3</command> + </tagNode> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/connect.xml.in b/op-mode-definitions/connect.xml.in index 8f19eac70..116cd6231 100644 --- a/op-mode-definitions/connect.xml.in +++ b/op-mode-definitions/connect.xml.in @@ -10,6 +10,7 @@ <help>Connect to device attached to serial console server</help> <completionHelp> <path>service console-server device</path> + <script>${vyos_completion_dir}/list_consoles.sh</script> </completionHelp> </properties> <command>/usr/bin/console "$3"</command> @@ -19,6 +20,7 @@ <help>Bring up a connection-oriented network interface</help> <completionHelp> <path>interfaces pppoe</path> + <path>interfaces sstpc</path> <path>interfaces wwan</path> </completionHelp> </properties> diff --git a/op-mode-definitions/container.xml.in b/op-mode-definitions/container.xml.in index fa66402dc..786bd66d3 100644 --- a/op-mode-definitions/container.xml.in +++ b/op-mode-definitions/container.xml.in @@ -69,7 +69,7 @@ <list><filename></list> </completionHelp> </properties> - <command>sudo podman build --layers --force-rm --tag "$4" $6</command> + <command>sudo podman build --net host --layers --force-rm --tag "$4" $6</command> </tagNode> </children> </tagNode> @@ -100,13 +100,13 @@ <properties> <help>Show containers</help> </properties> - <command>sudo podman ps --all</command> + <command>sudo ${vyos_op_scripts_dir}/container.py show_container</command> <children> <leafNode name="image"> <properties> <help>Show container image</help> </properties> - <command>sudo podman image ls</command> + <command>sudo ${vyos_op_scripts_dir}/container.py show_image</command> </leafNode> <tagNode name="log"> <properties> @@ -121,7 +121,7 @@ <properties> <help>Show available container networks</help> </properties> - <command>sudo podman network ls</command> + <command>sudo ${vyos_op_scripts_dir}/container.py show_network</command> </leafNode> </children> </node> @@ -149,7 +149,7 @@ <path>container name</path> </completionHelp> </properties> - <command>sudo podman restart "$3"</command> + <command>sudo ${vyos_op_scripts_dir}/container.py restart --name="$3"</command> </tagNode> </children> </node> diff --git a/op-mode-definitions/dhcp.xml.in b/op-mode-definitions/dhcp.xml.in index 241cca0ce..ce4026ff4 100644 --- a/op-mode-definitions/dhcp.xml.in +++ b/op-mode-definitions/dhcp.xml.in @@ -16,7 +16,7 @@ <properties> <help>Show DHCP server leases</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/show_dhcp.py --leases</command> + <command>sudo ${vyos_op_scripts_dir}/dhcp.py show_server_leases --family inet</command> <children> <tagNode name="pool"> <properties> @@ -82,7 +82,7 @@ <properties> <help>Show DHCPv6 server leases</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/show_dhcpv6.py --leases</command> + <command>sudo ${vyos_op_scripts_dir}/dhcp.py show_server_leases --family inet6</command> <children> <tagNode name="pool"> <properties> diff --git a/op-mode-definitions/disconnect.xml.in b/op-mode-definitions/disconnect.xml.in index 4415c0ed2..843998c4f 100644 --- a/op-mode-definitions/disconnect.xml.in +++ b/op-mode-definitions/disconnect.xml.in @@ -10,6 +10,7 @@ <help>Take down a connection-oriented network interface</help> <completionHelp> <path>interfaces pppoe</path> + <path>interfaces sstpc</path> <path>interfaces wwan</path> </completionHelp> </properties> diff --git a/op-mode-definitions/dns-forwarding.xml.in b/op-mode-definitions/dns-forwarding.xml.in index 6574f2319..c8ca117be 100644 --- a/op-mode-definitions/dns-forwarding.xml.in +++ b/op-mode-definitions/dns-forwarding.xml.in @@ -1,5 +1,26 @@ <?xml version="1.0"?> <interfaceDefinition> + <node name="monitor"> + <children> + <node name="log"> + <children> + <node name="dns"> + <properties> + <help>Monitor last lines of Domain Name Service (DNS)</help> + </properties> + <children> + <node name="forwarding"> + <properties> + <help>Monitor last lines of DNS forwarding</help> + </properties> + <command>journalctl --no-hostname --follow --boot --unit pdns-recursor.service</command> + </node> + </children> + </node> + </children> + </node> + </children> + </node> <node name="show"> <children> <node name="log"> @@ -13,7 +34,7 @@ <properties> <help>Show log for DNS Forwarding</help> </properties> - <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e "pdns_recursor"</command> + <command>journalctl --no-hostname --boot --unit pdns-recursor.service</command> </node> </children> </node> @@ -33,7 +54,7 @@ <properties> <help>Show DNS forwarding statistics</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/dns_forwarding_statistics.py</command> + <command>sudo ${vyos_op_scripts_dir}/dns.py show_forwarding_statistics</command> </leafNode> </children> </node> diff --git a/op-mode-definitions/generate-ipsec-debug-archive.xml.in b/op-mode-definitions/generate-ipsec-debug-archive.xml.in index f268d5ae5..a9ce113d1 100644 --- a/op-mode-definitions/generate-ipsec-debug-archive.xml.in +++ b/op-mode-definitions/generate-ipsec-debug-archive.xml.in @@ -8,7 +8,7 @@ <properties> <help>Generate IPSec debug-archive</help> </properties> - <command>${vyos_op_scripts_dir}/generate_ipsec_debug_archive.sh</command> + <command>sudo ${vyos_op_scripts_dir}/generate_ipsec_debug_archive.py</command> </node> </children> </node> diff --git a/op-mode-definitions/generate-macsec-key.xml.in b/op-mode-definitions/generate-macsec-key.xml.in index 40d2b9061..d8e514c16 100644 --- a/op-mode-definitions/generate-macsec-key.xml.in +++ b/op-mode-definitions/generate-macsec-key.xml.in @@ -7,17 +7,37 @@ <help>Generate MACsec Key</help> </properties> <children> - <node name="mka-cak"> + <node name="mka"> <properties> - <help>Generate MACsec connectivity association key (CAK)</help> + <help>MACsec Key Agreement (MKA) protocol</help> </properties> - <command>/usr/bin/hexdump -n 16 -e '4/4 "%08x" 1 "\n"' /dev/random</command> - </node> - <node name="mka-ckn"> - <properties> - <help>Generate MACsec connectivity association name (CKN)</help> - </properties> - <command>/usr/bin/hexdump -n 32 -e '8/4 "%08x" 1 "\n"' /dev/random</command> + <children> + <node name="cak"> + <properties> + <help>Generate MACsec connectivity association key (CAK)</help> + </properties> + <children> + <leafNode name="gcm-aes-128"> + <properties> + <help>Generate random key for GCM-AES-128 encryption - 128bit</help> + </properties> + <command>/usr/bin/hexdump -n 16 -e '4/4 "%08x" 1 "\n"' /dev/random</command> + </leafNode> + <leafNode name="gcm-aes-256"> + <properties> + <help>Generate random key for GCM-AES-256 encryption - 256bit</help> + </properties> + <command>/usr/bin/hexdump -n 32 -e '8/4 "%08x" 1 "\n"' /dev/random</command> + </leafNode> + </children> + </node> + <node name="ckn"> + <properties> + <help>Generate MACsec connectivity association name (CKN) - 256bit</help> + </properties> + <command>/usr/bin/hexdump -n 32 -e '8/4 "%08x" 1 "\n"' /dev/random</command> + </node> + </children> </node> </children> </node> diff --git a/op-mode-definitions/geoip.xml.in b/op-mode-definitions/geoip.xml.in new file mode 100644 index 000000000..c1b6e87b9 --- /dev/null +++ b/op-mode-definitions/geoip.xml.in @@ -0,0 +1,13 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="update"> + <children> + <leafNode name="geoip"> + <properties> + <help>Update GeoIP database and firewall sets</help> + </properties> + <command>sudo ${vyos_libexec_dir}/geoip-update.py --force</command> + </leafNode> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/include/bgp/afi-ipv4-ipv6-common.xml.i b/op-mode-definitions/include/bgp/afi-ipv4-ipv6-common.xml.i index 084f5da83..7dbc4fde5 100644 --- a/op-mode-definitions/include/bgp/afi-ipv4-ipv6-common.xml.i +++ b/op-mode-definitions/include/bgp/afi-ipv4-ipv6-common.xml.i @@ -151,9 +151,9 @@ </leafNode> <tagNode name="neighbors"> <properties> - <help>Show detailed BGP IPv4 unicast neighbor information</help> + <help>Show BGP information for specified neighbor</help> <completionHelp> - <script>vtysh -c 'show bgp summary' | awk '{print $1'} | grep -e '^[0-9a-f]'</script> + <script>vtysh -c "$(IFS=$' '; echo "${COMP_WORDS[@]:0:${#COMP_WORDS[@]}-2} summary")" | awk '/^[0-9a-f]/ {print $1}'</script> </completionHelp> </properties> <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> diff --git a/op-mode-definitions/include/bgp/reset-bgp-afi-common.xml.i b/op-mode-definitions/include/bgp/reset-bgp-afi-common.xml.i new file mode 100644 index 000000000..2f88daad3 --- /dev/null +++ b/op-mode-definitions/include/bgp/reset-bgp-afi-common.xml.i @@ -0,0 +1,20 @@ +<!-- included start from bgp/reset-bgp-afi-common.xml.i --> +<node name="external"> + <properties> + <help>Reset all external peers</help> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> +</node> +<tagNode name="1-4294967295"> + <properties> + <help>Reset peers with the AS number</help> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> +</tagNode> +<!-- included end --> diff --git a/op-mode-definitions/include/bgp/reset-bgp-neighbor-options.xml.i b/op-mode-definitions/include/bgp/reset-bgp-neighbor-options.xml.i new file mode 100644 index 000000000..d9feee18a --- /dev/null +++ b/op-mode-definitions/include/bgp/reset-bgp-neighbor-options.xml.i @@ -0,0 +1,48 @@ +<!-- included start from bgp/reset-bgp-neighbor-options.xml.i --> +<node name="in"> + <properties> + <help>Send route-refresh unless using 'soft-reconfiguration inbound'</help> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + <leafNode name="prefix-filter"> + <properties> + <help>Push out prefix-list ORF and do inbound soft reconfig</help> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + </leafNode> + </children> +</node> +<leafNode name="message-stats"> + <properties> + <help>Reset message statistics</help> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> +</leafNode> +<leafNode name="out"> + <properties> + <help>Resend all outbound updates</help> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> +</leafNode> +<node name="soft"> + <properties> + <help>Soft reconfig inbound and outbound updates</help> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + <node name="in"> + <properties> + <help>Send route-refresh unless using 'soft-reconfiguration inbound'</help> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + </node> + <node name="out"> + <properties> + <help>Resend all outbound updates</help> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + </node> + </children> +</node> +<!-- included end --> diff --git a/op-mode-definitions/include/bgp/reset-bgp-peer-group-vrf.xml.i b/op-mode-definitions/include/bgp/reset-bgp-peer-group-vrf.xml.i new file mode 100644 index 000000000..c1a24bae2 --- /dev/null +++ b/op-mode-definitions/include/bgp/reset-bgp-peer-group-vrf.xml.i @@ -0,0 +1,14 @@ +<!-- included start from bgp/reset-bgp-peer-group-vrf.xml.i --> +<tagNode name="peer-group"> + <properties> + <help>Reset all members of peer-group</help> + <completionHelp> + <path>vrf name ${COMP_WORDS[4]} protocols bgp peer-group</path> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> +</tagNode> +<!-- included end --> diff --git a/op-mode-definitions/include/bgp/reset-bgp-peer-group.xml.i b/op-mode-definitions/include/bgp/reset-bgp-peer-group.xml.i new file mode 100644 index 000000000..c26e47b47 --- /dev/null +++ b/op-mode-definitions/include/bgp/reset-bgp-peer-group.xml.i @@ -0,0 +1,14 @@ +<!-- included start from bgp/reset-bgp-peer-group.xml.i --> +<tagNode name="peer-group"> + <properties> + <help>Reset all members of peer-group</help> + <completionHelp> + <path>protocols bgp peer-group</path> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> +</tagNode> +<!-- included end --> diff --git a/op-mode-definitions/ipoe-server.xml.in b/op-mode-definitions/ipoe-server.xml.in index 89cefa08d..3aee303dc 100644 --- a/op-mode-definitions/ipoe-server.xml.in +++ b/op-mode-definitions/ipoe-server.xml.in @@ -4,12 +4,12 @@ <children> <node name="ipoe-server"> <properties> - <help>Clear IPoE server sessions or process</help> + <help>IPoE (Internet Protocol over Ethernet) server</help> </properties> <children> <node name="session"> <properties> - <help>Clear IPoE server session</help> + <help>Clear IPoE (Internet Protocol over Ethernet) server session</help> </properties> <children> <tagNode name="username"> @@ -49,7 +49,7 @@ <children> <node name="ipoe-server"> <properties> - <help>Show IPoE server status</help> + <help>Show IPoE (Internet Protocol over Ethernet) server status</help> </properties> <children> <leafNode name="sessions"> @@ -72,7 +72,7 @@ <children> <leafNode name="ipoe-server"> <properties> - <help>Restart IPoE server process</help> + <help>Restart IPoE (Internet Protocol over Ethernet) server process</help> </properties> <command>${vyos_op_scripts_dir}/ipoe-control.py --action="restart"</command> </leafNode> diff --git a/op-mode-definitions/ipv4-route.xml.in b/op-mode-definitions/ipv4-route.xml.in index 8f001d5bb..660b34496 100644 --- a/op-mode-definitions/ipv4-route.xml.in +++ b/op-mode-definitions/ipv4-route.xml.in @@ -39,7 +39,7 @@ <list><x.x.x.x></list> </completionHelp> </properties> - <command>sudo ip neigh flush to "$5"</command> + <command>sudo ${vyos_op_scripts_dir}/neighbor.py reset --family inet --address "$5"</command> </tagNode> <tagNode name="interface"> <properties> @@ -48,8 +48,14 @@ <script>${vyos_completion_dir}/list_interfaces.py</script> </completionHelp> </properties> - <command>sudo ip neigh flush dev "$5"</command> + <command>sudo ${vyos_op_scripts_dir}/neighbor.py reset --family inet --interface "$5"</command> </tagNode> + <node name="table"> + <properties> + <help>Flush the ARP cache completely</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/neighbor.py reset --family inet</command> + </node> </children> </node> <node name="route"> diff --git a/op-mode-definitions/ipv6-route.xml.in b/op-mode-definitions/ipv6-route.xml.in index 5f20444d4..d75caf308 100644 --- a/op-mode-definitions/ipv6-route.xml.in +++ b/op-mode-definitions/ipv6-route.xml.in @@ -7,7 +7,7 @@ <children> <node name="ipv6"> <properties> - <help>Show IPv6 routing information</help> + <help>Show IPv6 networking information</help> </properties> <children> <leafNode name="groups"> @@ -16,14 +16,32 @@ </properties> <command>netstat -gn6</command> </leafNode> - - <leafNode name="neighbors"> + <node name="neighbors"> <properties> - <help>Show IPv6 Neighbor Discovery (ND) information</help> + <help>Show IPv6 neighbor (NDP) table</help> </properties> - <command>${vyos_op_scripts_dir}/show_neigh.py --family inet6</command> - </leafNode> - + <command>${vyos_op_scripts_dir}/neighbor.py show --family inet6</command> + <children> + <tagNode name="interface"> + <properties> + <help>Show IPv6 neighbor table for specified interface</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py -b</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/neighbor.py show --family inet6 --interface "$5"</command> + </tagNode> + <tagNode name="state"> + <properties> + <help>Show IPv6 neighbors with specified state</help> + <completionHelp> + <list>reachable stale failed permanent</list> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/neighbor.py show --family inet6 --state "$5"</command> + </tagNode> + </children> + </node> </children> </node> </children> diff --git a/op-mode-definitions/monitor-log.xml.in b/op-mode-definitions/monitor-log.xml.in index 7ecce4f78..1b1f53dc2 100644 --- a/op-mode-definitions/monitor-log.xml.in +++ b/op-mode-definitions/monitor-log.xml.in @@ -8,12 +8,25 @@ </properties> <command>journalctl --no-hostname --follow --boot</command> <children> - <node name="colored"> + <node name="color"> <properties> <help>Output log in a colored fashion</help> </properties> <command>grc journalctl --no-hostname --follow --boot</command> </node> + <node name="ids"> + <properties> + <help>Monitor log for Intrusion Detection System</help> + </properties> + <children> + <leafNode name="ddos-protection"> + <properties> + <help>Monitor last lines of DDOS protection</help> + </properties> + <command>journalctl --no-hostname --follow --boot --unit fastnetmon.service</command> + </leafNode> + </children> + </node> <node name="dhcp"> <properties> <help>Monitor last lines of Dynamic Host Control Protocol (DHCP)</help> @@ -105,13 +118,13 @@ <script>${vyos_completion_dir}/list_interfaces.py -t pppoe</script> </completionHelp> </properties> - <command>journalctl --no-hostname --boot --follow --unit "ppp@$6.service"</command> + <command>journalctl --no-hostname --boot --follow --unit "ppp@$5.service"</command> </tagNode> </children> </node> <node name="protocol"> <properties> - <help>Monitor log for Routing Protocols</help> + <help>Monitor log for Routing Protocol</help> </properties> <children> <leafNode name="ospf"> @@ -182,6 +195,89 @@ </leafNode> </children> </node> + <node name="macsec"> + <properties> + <help>Monitor last lines of MACsec</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit "wpa_supplicant-macsec@*.service"</command> + <children> + <tagNode name="interface"> + <properties> + <help>Monitor last lines of specific MACsec interface</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py -t macsec</script> + </completionHelp> + </properties> + <command>SRC=$(cli-shell-api returnValue interfaces macsec "$5" source-interface); journalctl --no-hostname --boot --follow --unit "wpa_supplicant-macsec@$SRC.service"</command> + </tagNode> + </children> + </node> + <leafNode name="snmp"> + <properties> + <help>Monitor last lines of Simple Network Monitoring Protocol (SNMP)</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit snmpd.service</command> + </leafNode> + <leafNode name="ssh"> + <properties> + <help>Monitor last lines of Secure Shell (SSH)</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit ssh.service</command> + </leafNode> + <node name="sstpc"> + <properties> + <help>Monitor last lines of SSTP client log</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit "ppp@sstpc*.service"</command> + <children> + <tagNode name="interface"> + <properties> + <help>Monitor last lines of SSTP client log for specific interface</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py -t sstpc</script> + </completionHelp> + </properties> + <command>journalctl --no-hostname --boot --follow --unit "ppp@$5.service"</command> + </tagNode> + </children> + </node> + <node name="vpn"> + <properties> + <help>Show log for Virtual Private Network (VPN)</help> + </properties> + <children> + <leafNode name="all"> + <properties> + <help>Monitor last lines of ALL VPNs</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit strongswan-starter.service --unit accel-ppp@*.service</command> + </leafNode> + <leafNode name="ipsec"> + <properties> + <help>Monitor last lines of IPsec</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit strongswan-starter.service</command> + </leafNode> + <leafNode name="l2tp"> + <properties> + <help>Monitor last lines of L2TP</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit accel-ppp@l2tp.service</command> + </leafNode> + <leafNode name="pptp"> + <properties> + <help>Monitor last lines of PPTP</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit accel-ppp@pptp.service</command> + </leafNode> + <leafNode name="sstp"> + <properties> + <help>Monitor last lines of SSTP</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit accel-ppp@sstp.service</command> + </leafNode> + </children> + </node> </children> </node> </children> diff --git a/op-mode-definitions/nat.xml.in b/op-mode-definitions/nat.xml.in index 084e2e7e3..50abb1555 100644 --- a/op-mode-definitions/nat.xml.in +++ b/op-mode-definitions/nat.xml.in @@ -16,13 +16,13 @@ <properties> <help>Show configured source NAT rules</help> </properties> - <command>${vyos_op_scripts_dir}/show_nat_rules.py --source</command> + <command>${vyos_op_scripts_dir}/nat.py show_rules --direction source --family inet</command> </node> <node name="statistics"> <properties> <help>Show statistics for configured source NAT rules</help> </properties> - <command>${vyos_op_scripts_dir}/show_nat_statistics.py --source</command> + <command>${vyos_op_scripts_dir}/nat.py show_statistics --direction source --family inet</command> </node> <node name="translations"> <properties> @@ -45,7 +45,7 @@ <command>${vyos_op_scripts_dir}/show_nat_translations.py --type=source --verbose</command> </node> </children> - <command>${vyos_op_scripts_dir}/show_nat_translations.py --type=source</command> + <command>${vyos_op_scripts_dir}/nat.py show_translations --direction source --family inet</command> </node> </children> </node> @@ -58,13 +58,13 @@ <properties> <help>Show configured destination NAT rules</help> </properties> - <command>${vyos_op_scripts_dir}/show_nat_rules.py --destination</command> + <command>${vyos_op_scripts_dir}/nat.py show_rules --direction destination --family inet</command> </node> <node name="statistics"> <properties> <help>Show statistics for configured destination NAT rules</help> </properties> - <command>${vyos_op_scripts_dir}/show_nat_statistics.py --destination</command> + <command>${vyos_op_scripts_dir}/nat.py show_statistics --direction destination --family inet</command> </node> <node name="translations"> <properties> @@ -87,7 +87,7 @@ <command>${vyos_op_scripts_dir}/show_nat_translations.py --type=destination --verbose</command> </node> </children> - <command>${vyos_op_scripts_dir}/show_nat_translations.py --type=destination</command> + <command>${vyos_op_scripts_dir}/nat.py show_translations --direction destination --family inet</command> </node> </children> </node> diff --git a/op-mode-definitions/nat66.xml.in b/op-mode-definitions/nat66.xml.in index 1ec46eb11..25aa04d59 100644 --- a/op-mode-definitions/nat66.xml.in +++ b/op-mode-definitions/nat66.xml.in @@ -16,7 +16,7 @@ <properties> <help>Show configured source NAT66 rules</help> </properties> - <command>${vyos_op_scripts_dir}/show_nat66_rules.py --source</command> + <command>${vyos_op_scripts_dir}/nat.py show_rules --direction source --family inet6</command> </node> <node name="statistics"> <properties> @@ -45,7 +45,7 @@ <command>${vyos_op_scripts_dir}/show_nat66_translations.py --type=source --verbose</command> </node> </children> - <command>${vyos_op_scripts_dir}/show_nat66_translations.py --type=source</command> + <command>${vyos_op_scripts_dir}/nat.py show_translations --direction source --family inet6</command> </node> </children> </node> @@ -58,7 +58,7 @@ <properties> <help>Show configured destination NAT66 rules</help> </properties> - <command>${vyos_op_scripts_dir}/show_nat66_rules.py --destination</command> + <command>${vyos_op_scripts_dir}/nat.py show_rules --direction destination --family inet6</command> </node> <node name="statistics"> <properties> @@ -87,7 +87,7 @@ <command>${vyos_op_scripts_dir}/show_nat66_translations.py --type=destination --verbose</command> </node> </children> - <command>${vyos_op_scripts_dir}/show_nat66_translations.py --type=destination</command> + <command>${vyos_op_scripts_dir}/nat.py show_translations --direction destination --family inet6</command> </node> </children> </node> diff --git a/op-mode-definitions/nhrp.xml.in b/op-mode-definitions/nhrp.xml.in index 89508e2be..c10b111a7 100644 --- a/op-mode-definitions/nhrp.xml.in +++ b/op-mode-definitions/nhrp.xml.in @@ -43,7 +43,7 @@ <children> <node name="nhrp"> <properties> - <help>Show NHRP info</help> + <help>Show NHRP (Next Hop Resolution Protocol) information</help> </properties> <children> <leafNode name="interface"> diff --git a/op-mode-definitions/openconnect.xml.in b/op-mode-definitions/openconnect.xml.in index 9343637c0..88e1f9f15 100644 --- a/op-mode-definitions/openconnect.xml.in +++ b/op-mode-definitions/openconnect.xml.in @@ -11,7 +11,7 @@ <properties> <help>Show active OpenConnect server sessions</help> </properties> - <command>${vyos_op_scripts_dir}/openconnect-control.py --action="show_sessions"</command> + <command>${vyos_op_scripts_dir}/openconnect.py show_sessions</command> </leafNode> <tagNode name="user"> <properties> diff --git a/op-mode-definitions/openvpn.xml.in b/op-mode-definitions/openvpn.xml.in index 301688271..aec09fa48 100644 --- a/op-mode-definitions/openvpn.xml.in +++ b/op-mode-definitions/openvpn.xml.in @@ -23,7 +23,7 @@ <script>sudo ${vyos_completion_dir}/list_interfaces.py --type openvpn</script> </completionHelp> </properties> - <command>sudo ${vyos_op_scripts_dir}/reset_openvpn.py $4</command> + <command>sudo ${vyos_op_scripts_dir}/openvpn.py reset --interface $4</command> </tagNode> </children> </node> @@ -109,19 +109,19 @@ <properties> <help>Show tunnel status for OpenVPN client interfaces</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=client</command> + <command>sudo ${vyos_op_scripts_dir}/openvpn.py show --mode client</command> </leafNode> <leafNode name="server"> <properties> <help>Show tunnel status for OpenVPN server interfaces</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=server</command> + <command>sudo ${vyos_op_scripts_dir}/openvpn.py show --mode server</command> </leafNode> <leafNode name="site-to-site"> <properties> <help>Show tunnel status for OpenVPN site-to-site interfaces</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=site-to-site</command> + <command>sudo ${vyos_op_scripts_dir}/openvpn.py show --mode site-to-site</command> </leafNode> </children> </node> diff --git a/op-mode-definitions/pptp-server.xml.in b/op-mode-definitions/pptp-server.xml.in index 59be68611..f6f8104d8 100644 --- a/op-mode-definitions/pptp-server.xml.in +++ b/op-mode-definitions/pptp-server.xml.in @@ -4,7 +4,7 @@ <children> <node name="pptp-server"> <properties> - <help>Show PPTP server information</help> + <help>Show PPTP (Point-to-Point Tunneling Protocol) server information</help> </properties> <children> <leafNode name="sessions"> diff --git a/op-mode-definitions/reset-bgp.xml.in b/op-mode-definitions/reset-bgp.xml.in new file mode 100644 index 000000000..a1d42d4a3 --- /dev/null +++ b/op-mode-definitions/reset-bgp.xml.in @@ -0,0 +1,258 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="reset"> + <children> + <node name="bgp"> + <properties> + <help>Border Gateway Protocol (BGP) information</help> + </properties> + <children> + <leafNode name="all"> + <properties> + <help>Clear all peers</help> + </properties> + <command>vtysh -c "clear bgp *"</command> + </leafNode> + #include <include/bgp/reset-bgp-afi-common.xml.i> + #include <include/bgp/reset-bgp-peer-group.xml.i> + <tagNode name="prefix"> + <properties> + <help>Clear bestpath and re-advertise</help> + <completionHelp> + <list><x.x.x.x/x></list> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + </tagNode> + <node name="ipv4"> + <properties> + <help>IPv4 Address Family</help> + </properties> + <children> + <leafNode name="all"> + <properties> + <help>Clear all peers</help> + </properties> + <command>vtysh -c "clear bgp ipv4 *"</command> + </leafNode> + #include <include/bgp/reset-bgp-afi-common.xml.i> + #include <include/bgp/reset-bgp-peer-group.xml.i> + </children> + </node> + <tagNode name="ipv4"> + <properties> + <help>IPv4 neighbor to clear</help> + <completionHelp> + <script>${vyos_completion_dir}/list_bgp_neighbors.sh --ipv4</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> + </tagNode> + <node name="ipv6"> + <properties> + <help>IPv6 Address Family</help> + </properties> + <children> + <leafNode name="all"> + <properties> + <help>Clear all peers</help> + </properties> + <command>vtysh -c "clear bgp ipv6 *"</command> + </leafNode> + #include <include/bgp/reset-bgp-afi-common.xml.i> + #include <include/bgp/reset-bgp-peer-group.xml.i> + </children> + </node> + <tagNode name="ipv6"> + <properties> + <help>IPv6 neighbor to clear</help> + <completionHelp> + <script>${vyos_completion_dir}/list_bgp_neighbors.sh --ipv6</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> + </tagNode> + <node name="l2vpn"> + <properties> + <help>Layer 2 Virtual Private Network Address Family</help> + </properties> + <children> + <node name="evpn"> + <properties> + <help>Ethernet Virtual Private Network</help> + </properties> + <children> + <leafNode name="all"> + <properties> + <help>Clear all peers</help> + </properties> + <command>vtysh -c "clear bgp l2vpn evpn *"</command> + </leafNode> + #include <include/bgp/reset-bgp-afi-common.xml.i> + #include <include/bgp/reset-bgp-peer-group.xml.i> + </children> + </node> + <tagNode name="evpn"> + <properties> + <help>BGP IPv4/IPv6 neighbor to clear</help> + <completionHelp> + <script>${vyos_completion_dir}/list_bgp_neighbors.sh --both</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> + </tagNode> + </children> + </node> + <tagNode name="vrf"> + <properties> + <help>Virtual Routing and Forwarding (VRF)</help> + <completionHelp> + <path>vrf name</path> + </completionHelp> + </properties> + <children> + <node name="node.tag"> + <properties> + <help>IPv4/IPv6 neighbor to clear</help> + <completionHelp> + <script>${vyos_completion_dir}/list_bgp_neighbors.sh --both --vrf ${COMP_WORDS[3]}</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> + </node> + <leafNode name="all"> + <properties> + <help>Clear all peers</help> + </properties> + <command>vtysh -c "clear bgp vrf $4 *"</command> + </leafNode> + #include <include/bgp/reset-bgp-afi-common.xml.i> + #include <include/bgp/reset-bgp-peer-group-vrf.xml.i> + <tagNode name="prefix"> + <properties> + <help>Clear bestpath and re-advertise</help> + <completionHelp> + <list><x.x.x.x/x></list> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + </tagNode> + <node name="ipv4"> + <properties> + <help>IPv4 Address Family</help> + </properties> + <children> + <leafNode name="all"> + <properties> + <help>Clear all peers</help> + </properties> + <command>vtysh -c "clear bgp vrf $4 ipv4 *"</command> + </leafNode> + #include <include/bgp/reset-bgp-afi-common.xml.i> + #include <include/bgp/reset-bgp-peer-group-vrf.xml.i> + </children> + </node> + <tagNode name="ipv4"> + <properties> + <help>IPv4 neighbor to clear</help> + <completionHelp> + <script>${vyos_completion_dir}/list_bgp_neighbors.sh --ipv4 --vrf ${COMP_WORDS[3]}</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> + </tagNode> + <node name="ipv6"> + <properties> + <help>IPv6 Address Family</help> + </properties> + <children> + <leafNode name="all"> + <properties> + <help>Clear all peers</help> + </properties> + <command>vtysh -c "clear bgp vrf $4 ipv6 *"</command> + </leafNode> + #include <include/bgp/reset-bgp-afi-common.xml.i> + #include <include/bgp/reset-bgp-peer-group-vrf.xml.i> + </children> + </node> + <tagNode name="ipv6"> + <properties> + <help>IPv6 neighbor to clear</help> + <completionHelp> + <script>${vyos_completion_dir}/list_bgp_neighbors.sh --ipv6 --vrf ${COMP_WORDS[3]}</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> + </tagNode> + <node name="l2vpn"> + <properties> + <help>Layer 2 Virtual Private Network Address Family</help> + </properties> + <children> + <node name="evpn"> + <properties> + <help>Ethernet Virtual Private Network</help> + </properties> + <children> + <leafNode name="all"> + <properties> + <help>Clear all peers</help> + </properties> + <command>vtysh -c "clear bgp vrf $4 l2vpn evpn *"</command> + </leafNode> + #include <include/bgp/reset-bgp-afi-common.xml.i> + #include <include/bgp/reset-bgp-peer-group-vrf.xml.i> + </children> + </node> + <tagNode name="evpn"> + <properties> + <help>BGP IPv4/IPv6 neighbor to clear</help> + <completionHelp> + <script>${vyos_completion_dir}/list_bgp_neighbors.sh --both --vrf ${COMP_WORDS[3]}</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> + </tagNode> + </children> + </node> + </children> + </tagNode> + </children> + </node> + <tagNode name="bgp"> + <properties> + <help>BGP IPv4/IPv6 neighbor to clear</help> + <completionHelp> + <script>${vyos_completion_dir}/list_bgp_neighbors.sh --both</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> + <children> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> + </children> + </tagNode> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/reset-ip-bgp.xml.in b/op-mode-definitions/reset-ip-bgp.xml.in index 931a2a9bc..34a4503d9 100644 --- a/op-mode-definitions/reset-ip-bgp.xml.in +++ b/op-mode-definitions/reset-ip-bgp.xml.in @@ -6,7 +6,7 @@ <children> <node name="bgp"> <properties> - <help>Clear Border Gateway Protocol (BGP) statistics or status</help> + <help>Border Gateway Protocol (BGP) information</help> </properties> <children> <leafNode name="all"> @@ -41,159 +41,45 @@ </leafNode> </children> </tagNode> - <node name="external"> + #include <include/bgp/reset-bgp-afi-common.xml.i> + #include <include/bgp/reset-bgp-peer-group.xml.i> + <tagNode name="vrf"> <properties> - <help>Clear all external peers</help> + <help>Clear BGP statistics or status for vrf</help> <completionHelp> - <list>WORD</list> + <path>vrf name</path> </completionHelp> </properties> - <command>vtysh -c "clear bgp ipv4 external"</command> <children> - <node name="in"> + <leafNode name="all"> <properties> - <help>Send route-refresh unless using 'soft-reconfiguration inbound'</help> + <help>Clear all BGP peering sessions for vrf</help> </properties> - <command>vtysh -c "clear bgp ipv4 external in"</command> - <children> - <leafNode name="prefix-filter"> - <properties> - <help>Push out prefix-list ORF and do inbound soft reconfig</help> - </properties> - <command>vtysh -c "clear bgp ipv4 external in prefix-filter"</command> - </leafNode> - </children> - </node> - <node name="out"> - <properties> - <help>Resend all outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv4 external out"</command> - </node> - <node name="soft"> - <properties> - <help>Soft reconfig inbound and outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv4 external soft"</command> - <children> - <node name="in"> - <properties> - <help>Clear via soft reconfig of inbound update</help> - </properties> - <command>vtysh -c "clear bgp ipv4 external soft in"</command> - </node> - <node name="out"> - <properties> - <help>Resend all outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv4 external soft out"</command> - </node> - </children> - </node> - </children> - </node> - <tagNode name="peer-group"> - <properties> - <help>Clear BGP statistics or status for given peer-group</help> - <completionHelp> - <list>WORD</list> - </completionHelp> - </properties> - <command>vtysh -c "clear bgp ipv4 peer-group $5"</command> - <children> - <node name="in"> - <properties> - <help>Send route-refresh unless using 'soft-reconfiguration inbound'</help> - </properties> - <command>vtysh -c "clear bgp ipv4 peer-group $5 in"</command> - <children> - <leafNode name="prefix-filter"> - <properties> - <help>Push out prefix-list ORF and do inbound soft reconfig</help> - </properties> - <command>vtysh -c "clear bgp ipv4 peer-group $5 in prefix-filter"</command> - </leafNode> - </children> - </node> - <node name="out"> - <properties> - <help>Resend all outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv4 peer-group $5 out"</command> - </node> - <node name="soft"> + <command>vtysh -c "clear bgp vrf $5 *"</command> + </leafNode> + <leafNode name="node.tag"> <properties> - <help>Soft reconfig inbound and outbound updates</help> + <help>Clear BGP neighbor IP address</help> + <completionHelp> + <list><x.x.x.x></list> + </completionHelp> </properties> - <command>vtysh -c "clear bgp ipv4 peer-group $5 soft"</command> - <children> - <node name="in"> - <properties> - <help>Clear via soft reconfig of inbound update</help> - </properties> - <command>vtysh -c "clear bgp ipv4 peer-group $5 soft in"</command> - </node> - <node name="out"> - <properties> - <help>Resend all outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv4 peer-group $5 soft out"</command> - </node> - </children> - </node> + <command>vtysh -c "clear bgp vrf $5 $6"</command> + </leafNode> </children> </tagNode> </children> </node> <tagNode name="bgp"> <properties> - <help>Clear BGP neighbor IP address</help> + <help>BGP IPv4/IPv6 neighbor to clear</help> <completionHelp> <script>${vyos_completion_dir}/list_bgp_neighbors.sh --ipv4</script> </completionHelp> </properties> - <command>vtysh -c "clear bgp ipv4 $4"</command> + <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> <children> - <node name="in"> - <properties> - <help>Send route-refresh unless using 'soft-reconfiguration inbound'</help> - </properties> - <command>vtysh -c "clear bgp ipv4 $4 in"</command> - <children> - <leafNode name="prefix-filter"> - <properties> - <help>Push out prefix-list ORF and do inbound soft reconfig</help> - </properties> - <command>vtysh -c "clear bgp ipv4 $4 in prefix-filter"</command> - </leafNode> - </children> - </node> - <node name="out"> - <properties> - <help>Resend all outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv4 $4 out"</command> - </node> - <node name="soft"> - <properties> - <help>Soft reconfig inbound and outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv4 $4 soft"</command> - <children> - <node name="in"> - <properties> - <help>Clear via soft reconfig of inbound update</help> - </properties> - <command>vtysh -c "clear bgp ipv4 $4 soft in"</command> - </node> - <node name="out"> - <properties> - <help>Resend all outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv4 $4 soft out"</command> - </node> - </children> - </node> + #include <include/bgp/reset-bgp-neighbor-options.xml.i> </children> </tagNode> </children> diff --git a/op-mode-definitions/reset-ipv6-bgp.xml.in b/op-mode-definitions/reset-ipv6-bgp.xml.in deleted file mode 100644 index 3c4275331..000000000 --- a/op-mode-definitions/reset-ipv6-bgp.xml.in +++ /dev/null @@ -1,62 +0,0 @@ -<?xml version="1.0"?> -<interfaceDefinition> - <node name="reset"> - <children> - <node name="ipv6"> - <children> - <tagNode name="bgp"> - <properties> - <help>Clear BGP neighbor IP address</help> - <completionHelp> - <script>${vyos_completion_dir}/list_bgp_neighbors.sh --ipv6</script> - </completionHelp> - </properties> - <command>vtysh -c "clear bgp ipv6 $4"</command> - <children> - <node name="in"> - <properties> - <help>Send route-refresh unless using 'soft-reconfiguration inbound'</help> - </properties> - <command>vtysh -c "clear bgp ipv6 $4 in"</command> - <children> - <leafNode name="prefix-filter"> - <properties> - <help>Push out prefix-list ORF and do inbound soft reconfig</help> - </properties> - <command>vtysh -c "clear bgp ipv6 $4 in prefix-filter"</command> - </leafNode> - </children> - </node> - <node name="out"> - <properties> - <help>Resend all outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv6 $4 out"</command> - </node> - <node name="soft"> - <properties> - <help>Soft reconfig inbound and outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv6 $4 soft"</command> - <children> - <node name="in"> - <properties> - <help>Clear via soft reconfig of inbound update</help> - </properties> - <command>vtysh -c "clear bgp ipv6 $4 soft in"</command> - </node> - <node name="out"> - <properties> - <help>Resend all outbound updates</help> - </properties> - <command>vtysh -c "clear bgp ipv6 $4 soft out"</command> - </node> - </children> - </node> - </children> - </tagNode> - </children> - </node> - </children> - </node> -</interfaceDefinition> diff --git a/op-mode-definitions/show-arp.xml.in b/op-mode-definitions/show-arp.xml.in index 12e7d3aa2..8662549fc 100644 --- a/op-mode-definitions/show-arp.xml.in +++ b/op-mode-definitions/show-arp.xml.in @@ -6,7 +6,7 @@ <properties> <help>Show Address Resolution Protocol (ARP) information</help> </properties> - <command>/usr/sbin/arp -e -n</command> + <command>${vyos_op_scripts_dir}/neighbor.py show --family inet</command> <children> <tagNode name="interface"> <properties> @@ -15,7 +15,7 @@ <script>${vyos_completion_dir}/list_interfaces.py -b</script> </completionHelp> </properties> - <command>/usr/sbin/arp -e -n -i "$4"</command> + <command>${vyos_op_scripts_dir}/neighbor.py show --family inet --interface "$4"</command> </tagNode> </children> </node> diff --git a/op-mode-definitions/show-bridge.xml.in b/op-mode-definitions/show-bridge.xml.in index 0f8d3064d..dd2a28931 100644 --- a/op-mode-definitions/show-bridge.xml.in +++ b/op-mode-definitions/show-bridge.xml.in @@ -11,7 +11,7 @@ <properties> <help>View the VLAN filter settings of the bridge</help> </properties> - <command>bridge -c vlan show</command> + <command>${vyos_op_scripts_dir}/bridge.py show_vlan</command> </leafNode> </children> </node> @@ -19,7 +19,7 @@ <properties> <help>Show bridging information</help> </properties> - <command>bridge -c link show</command> + <command>${vyos_op_scripts_dir}/bridge.py show</command> </leafNode> <tagNode name="bridge"> <properties> @@ -34,13 +34,13 @@ <properties> <help>Displays the multicast group database for the bridge</help> </properties> - <command>bridge -c mdb show dev $3</command> + <command>${vyos_op_scripts_dir}/bridge.py show_mdb --interface=$3</command> </leafNode> <leafNode name="fdb"> <properties> <help>Show the forwarding database of the bridge</help> </properties> - <command>bridge -c fdb show br $3</command> + <command>${vyos_op_scripts_dir}/bridge.py show_fdb --interface=$3</command> </leafNode> </children> </tagNode> diff --git a/op-mode-definitions/show-conntrack.xml.in b/op-mode-definitions/show-conntrack.xml.in new file mode 100644 index 000000000..4cdcffcdb --- /dev/null +++ b/op-mode-definitions/show-conntrack.xml.in @@ -0,0 +1,39 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="show"> + <children> + <node name="conntrack"> + <properties> + <help>Show conntrack tables entries</help> + </properties> + <children> + <node name="statistics"> + <properties> + <help>Show conntrack statistics</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/conntrack.py show_statistics</command> + </node> + <node name="table"> + <properties> + <help>Show conntrack entries for table</help> + </properties> + <children> + <node name="ipv4"> + <properties> + <help>Show conntrack entries for IPv4 protocol</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/conntrack.py show --family inet</command> + </node> + <node name="ipv6"> + <properties> + <help>Show conntrack entries for IPv6 protocol</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/conntrack.py show --family inet6</command> + </node> + </children> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/show-console-server.xml.in b/op-mode-definitions/show-console-server.xml.in index 253d15498..eae6fd536 100644 --- a/op-mode-definitions/show-console-server.xml.in +++ b/op-mode-definitions/show-console-server.xml.in @@ -8,7 +8,7 @@ <properties> <help>Show log for serial console server</help> </properties> - <command>/usr/bin/journalctl --unit conserver-server.service</command> + <command>journalctl --no-hostname --boot --follow --unit conserver-server.service</command> </leafNode> </children> </node> diff --git a/op-mode-definitions/show-hardware.xml.in b/op-mode-definitions/show-hardware.xml.in index 20fdd753d..ebd806ba5 100644 --- a/op-mode-definitions/show-hardware.xml.in +++ b/op-mode-definitions/show-hardware.xml.in @@ -9,21 +9,21 @@ <children> <node name="cpu"> <properties> - <help>Show CPU info</help> + <help>Show CPU informaion</help> </properties> - <command>lscpu</command> + <command>${vyos_op_scripts_dir}/cpu.py show</command> <children> <node name="detail"> <properties> - <help> Show system CPU details</help> + <help>Show system CPU details</help> </properties> <command>cat /proc/cpuinfo</command> </node> <node name="summary"> <properties> - <help>Show system CPUs</help> + <help>Show system CPUs summary</help> </properties> - <command>${vyos_op_scripts_dir}/cpu_summary.py</command> + <command>${vyos_op_scripts_dir}/cpu.py show_summary</command> </node> </children> </node> diff --git a/op-mode-definitions/show-interfaces-pppoe.xml.in b/op-mode-definitions/show-interfaces-pppoe.xml.in index 767836abf..09608bc04 100644 --- a/op-mode-definitions/show-interfaces-pppoe.xml.in +++ b/op-mode-definitions/show-interfaces-pppoe.xml.in @@ -17,7 +17,7 @@ <properties> <help>Show specified PPPoE interface log</help> </properties> - <command>/usr/bin/journalctl --unit "ppp@$4".service</command> + <command>journalctl --no-hostname --boot --follow --unit "ppp@$4".service</command> </leafNode> <leafNode name="statistics"> <properties> diff --git a/op-mode-definitions/show-interfaces-sstpc.xml.in b/op-mode-definitions/show-interfaces-sstpc.xml.in new file mode 100644 index 000000000..e66d3a0ac --- /dev/null +++ b/op-mode-definitions/show-interfaces-sstpc.xml.in @@ -0,0 +1,51 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="show"> + <children> + <node name="interfaces"> + <children> + <tagNode name="sstpc"> + <properties> + <help>Show specified SSTP client interface information</help> + <completionHelp> + <path>interfaces sstpc</path> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/show_interfaces.py --intf="$4"</command> + <children> + <leafNode name="log"> + <properties> + <help>Show specified SSTP client interface log</help> + </properties> + <command>journalctl --no-hostname --boot --follow --unit "ppp@$4".service</command> + </leafNode> + <leafNode name="statistics"> + <properties> + <help>Show specified SSTP client interface statistics</help> + <completionHelp> + <path>interfaces sstpc</path> + </completionHelp> + </properties> + <command>if [ -d "/sys/class/net/$4" ]; then /usr/sbin/pppstats "$4"; fi</command> + </leafNode> + </children> + </tagNode> + <node name="sstpc"> + <properties> + <help>Show SSTP client interface information</help> + </properties> + <command>${vyos_op_scripts_dir}/show_interfaces.py --intf-type=sstpc --action=show-brief</command> + <children> + <leafNode name="detail"> + <properties> + <help>Show detailed SSTP client interface information</help> + </properties> + <command>${vyos_op_scripts_dir}/show_interfaces.py --intf-type=sstpc --action=show</command> + </leafNode> + </children> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/show-interfaces-virtual-ethernet.xml.in b/op-mode-definitions/show-interfaces-virtual-ethernet.xml.in new file mode 100644 index 000000000..c70f1e3d1 --- /dev/null +++ b/op-mode-definitions/show-interfaces-virtual-ethernet.xml.in @@ -0,0 +1,42 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="show"> + <children> + <node name="interfaces"> + <children> + <tagNode name="virtual-ethernet"> + <properties> + <help>Show specified virtual-ethernet interface information</help> + <completionHelp> + <path>interfaces virtual-ethernet</path> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/show_interfaces.py --intf="$4"</command> + <children> + <leafNode name="brief"> + <properties> + <help>Show summary of the specified virtual-ethernet interface information</help> + </properties> + <command>${vyos_op_scripts_dir}/show_interfaces.py --intf="$4" --action=show-brief</command> + </leafNode> + </children> + </tagNode> + <node name="virtual-ethernet"> + <properties> + <help>Show virtual-ethernet interface information</help> + </properties> + <command>${vyos_op_scripts_dir}/show_interfaces.py --intf-type=virtual-ethernet --action=show-brief</command> + <children> + <leafNode name="detail"> + <properties> + <help>Show detailed virtual-ethernet interface information</help> + </properties> + <command>${vyos_op_scripts_dir}/show_interfaces.py --intf-type=virtual-ethernet --action=show</command> + </leafNode> + </children> + </node> + </children> + </node> + </children> + </node> +</interfaceDefinition> diff --git a/op-mode-definitions/show-ip.xml.in b/op-mode-definitions/show-ip.xml.in index 91564440d..0751c50cb 100644 --- a/op-mode-definitions/show-ip.xml.in +++ b/op-mode-definitions/show-ip.xml.in @@ -4,14 +4,34 @@ <children> <node name="ip"> <properties> - <help>Show IPv4 routing information</help> + <help>Show IPv4 networking information</help> </properties> <children> <node name="neighbors"> <properties> - <help>Show IPv4 Neighbor Discovery (ND) information</help> + <help>Show IPv4 neighbor (ARP) table</help> </properties> - <command>${vyos_op_scripts_dir}/show_neigh.py --family inet</command> + <command>${vyos_op_scripts_dir}/neighbor.py show --family inet</command> + <children> + <tagNode name="interface"> + <properties> + <help>Show IPv4 neighbor table for specified interface</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py -b</script> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/neighbor.py show --family inet --interface "$5"</command> + </tagNode> + <tagNode name="state"> + <properties> + <help>Show IPv4 neighbors with specified state</help> + <completionHelp> + <list>reachable stale failed permanent</list> + </completionHelp> + </properties> + <command>${vyos_op_scripts_dir}/neighbor.py show --family inet --state "$5"</command> + </tagNode> + </children> </node> </children> </node> diff --git a/op-mode-definitions/show-ipv6.xml.in b/op-mode-definitions/show-ipv6.xml.in index a59c8df0c..66bc2485a 100644 --- a/op-mode-definitions/show-ipv6.xml.in +++ b/op-mode-definitions/show-ipv6.xml.in @@ -4,7 +4,7 @@ <children> <node name="ipv6"> <properties> - <help>Show IPv6 routing information</help> + <help>Show IPv6 networking information</help> </properties> <children> <node name="access-list"> diff --git a/op-mode-definitions/show-log.xml.in b/op-mode-definitions/show-log.xml.in index 76879e5d6..64a54015b 100644 --- a/op-mode-definitions/show-log.xml.in +++ b/op-mode-definitions/show-log.xml.in @@ -32,6 +32,19 @@ </properties> <command>journalctl --no-hostname --boot --unit conntrackd.service</command> </leafNode> + <node name="ids"> + <properties> + <help>Show log for for Intrusion Detection System</help> + </properties> + <children> + <leafNode name="ddos-protection"> + <properties> + <help>Show log for DDOS protection</help> + </properties> + <command>journalctl --no-hostname --boot --unit fastnetmon.service</command> + </leafNode> + </children> + </node> <node name="dhcp"> <properties> <help>Show log for Dynamic Host Control Protocol (DHCP)</help> @@ -207,6 +220,23 @@ </properties> <command>journalctl --no-hostname --boot --unit opennhrp.service</command> </leafNode> + <node name="macsec"> + <properties> + <help>Show log for MACsec</help> + </properties> + <command>journalctl --no-hostname --boot --unit "wpa_supplicant-macsec@*.service"</command> + <children> + <tagNode name="interface"> + <properties> + <help>Show MACsec log on specific interface</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py -t macsec</script> + </completionHelp> + </properties> + <command>SRC=$(cli-shell-api returnValue interfaces macsec "$5" source-interface); journalctl --no-hostname --boot --unit "wpa_supplicant-macsec@$SRC.service"</command> + </tagNode> + </children> + </node> <node name="openvpn"> <properties> <help>Show log for OpenVPN</help> @@ -237,13 +267,13 @@ <script>${vyos_completion_dir}/list_interfaces.py -t pppoe</script> </completionHelp> </properties> - <command>journalctl --no-hostname --boot --unit "ppp@$6.service"</command> + <command>journalctl --no-hostname --boot --unit "ppp@$5.service"</command> </tagNode> </children> </node> <node name="protocol"> <properties> - <help>Show log for Routing Protocols</help> + <help>Show log for Routing Protocol</help> </properties> <children> <leafNode name="ospf"> @@ -320,6 +350,29 @@ </properties> <command>journalctl --no-hostname --boot --unit snmpd.service</command> </leafNode> + <leafNode name="ssh"> + <properties> + <help>Show log for Secure Shell (SSH)</help> + </properties> + <command>journalctl --no-hostname --boot --unit ssh.service</command> + </leafNode> + <node name="sstpc"> + <properties> + <help>Show log for SSTP client</help> + </properties> + <command>journalctl --no-hostname --boot --unit "ppp@sstpc*.service"</command> + <children> + <tagNode name="interface"> + <properties> + <help>Show SSTP client log on specific interface</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py -t sstpc</script> + </completionHelp> + </properties> + <command>journalctl --no-hostname --boot --unit "ppp@$5.service"</command> + </tagNode> + </children> + </node> <tagNode name="tail"> <properties> <help>Show last n changes to messages</help> @@ -344,19 +397,19 @@ <properties> <help>Show log for ALL</help> </properties> - <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e charon -e accel -e pptpd -e ppp</command> + <command>journalctl --no-hostname --boot --unit strongswan-starter.service --unit accel-ppp@*.service</command> </leafNode> <leafNode name="ipsec"> <properties> - <help>Show log for IPSec</help> + <help>Show log for IPsec</help> </properties> - <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e charon</command> + <command>journalctl --no-hostname --boot --unit strongswan-starter.service</command> </leafNode> <leafNode name="l2tp"> <properties> <help>Show log for L2TP</help> </properties> - <command>cat $(printf "%s\n" /var/log/messages* | sort -nr) | grep -e remote-access-aaa-win -e remote-access-zzz-mac -e accel-l2tp -e ppp</command> + <command>journalctl --no-hostname --boot --unit accel-ppp@l2tp.service</command> </leafNode> <leafNode name="pptp"> <properties> diff --git a/op-mode-definitions/show-rpki.xml.in b/op-mode-definitions/show-rpki.xml.in index f593e4803..c1902ccec 100644 --- a/op-mode-definitions/show-rpki.xml.in +++ b/op-mode-definitions/show-rpki.xml.in @@ -4,7 +4,7 @@ <children> <node name="rpki"> <properties> - <help>Show RPKI information</help> + <help>Show RPKI (Resource Public Key Infrastructure) information</help> </properties> <children> <leafNode name="cache-connection"> diff --git a/op-mode-definitions/show-system.xml.in b/op-mode-definitions/show-system.xml.in index 68b473bc1..4a0e6c3b2 100644 --- a/op-mode-definitions/show-system.xml.in +++ b/op-mode-definitions/show-system.xml.in @@ -53,7 +53,7 @@ <properties> <help>Show CPU information</help> </properties> - <command>${vyos_op_scripts_dir}/show_cpu.py</command> + <command>${vyos_op_scripts_dir}/cpu.py show</command> </leafNode> <leafNode name="kernel-messages"> <properties> @@ -104,7 +104,7 @@ <properties> <help>Show system memory usage</help> </properties> - <command>${vyos_op_scripts_dir}/show_ram.py</command> + <command>${vyos_op_scripts_dir}/memory.py show</command> <children> <leafNode name="cache"> <properties> @@ -142,7 +142,7 @@ <properties> <help>Show summary of system processes</help> </properties> - <command>${vyos_op_scripts_dir}/show_uptime.py</command> + <command>${vyos_op_scripts_dir}/uptime.py show</command> </leafNode> <leafNode name="tree"> <properties> @@ -162,13 +162,19 @@ <properties> <help>Show filesystem usage</help> </properties> - <command>df -h -x squashfs</command> + <command>${vyos_op_scripts_dir}/storage.py show</command> + </leafNode> + <leafNode name="updates"> + <properties> + <help>Show system available updates</help> + </properties> + <command>${vyos_op_scripts_dir}/system.py show_update</command> </leafNode> <leafNode name="uptime"> <properties> <help>Show system uptime and load averages</help> </properties> - <command>${vyos_op_scripts_dir}/show_uptime.py</command> + <command>${vyos_op_scripts_dir}/uptime.py show</command> </leafNode> </children> </node> diff --git a/op-mode-definitions/show-version.xml.in b/op-mode-definitions/show-version.xml.in index 8b7cc7e58..d9c4738af 100644 --- a/op-mode-definitions/show-version.xml.in +++ b/op-mode-definitions/show-version.xml.in @@ -6,13 +6,13 @@ <properties> <help>Show system version information</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/show_version.py</command> + <command>sudo ${vyos_op_scripts_dir}/version.py show</command> <children> <leafNode name="funny"> <properties> <help>Show system version and some fun stuff</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/show_version.py --funny</command> + <command>sudo ${vyos_op_scripts_dir}/version.py show --funny</command> </leafNode> <leafNode name="all"> <properties> diff --git a/op-mode-definitions/show-vrf.xml.in b/op-mode-definitions/show-vrf.xml.in index 9c38c30fe..9728eb1fa 100644 --- a/op-mode-definitions/show-vrf.xml.in +++ b/op-mode-definitions/show-vrf.xml.in @@ -4,9 +4,9 @@ <children> <node name="vrf"> <properties> - <help>Show VRF information</help> + <help>Show VRF (Virtual Routing and Forwarding) information</help> </properties> - <command>${vyos_op_scripts_dir}/show_vrf.py -e</command> + <command>${vyos_op_scripts_dir}/vrf.py show</command> </node> <tagNode name="vrf"> <properties> @@ -15,7 +15,7 @@ <path>vrf name</path> </completionHelp> </properties> - <command>${vyos_op_scripts_dir}/show_vrf.py -e "$3"</command> + <command>${vyos_op_scripts_dir}/vrf.py show --name="$3"</command> <children> <leafNode name="processes"> <properties> diff --git a/op-mode-definitions/show-zebra.xml.in b/op-mode-definitions/show-zebra.xml.in index b0ad37f49..69991a1d5 100644 --- a/op-mode-definitions/show-zebra.xml.in +++ b/op-mode-definitions/show-zebra.xml.in @@ -4,7 +4,7 @@ <children> <node name="zebra"> <properties> - <help>Zebra routing information</help> + <help>Show Zebra routing information</help> </properties> <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command> <children> diff --git a/op-mode-definitions/vpn-ipsec.xml.in b/op-mode-definitions/vpn-ipsec.xml.in index 3d997c143..803ce4cc2 100644 --- a/op-mode-definitions/vpn-ipsec.xml.in +++ b/op-mode-definitions/vpn-ipsec.xml.in @@ -19,16 +19,16 @@ <properties> <help>Reset a specific tunnel for given peer</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-peer" --name="$4" --tunnel="$6"</command> + <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="$6"</command> </tagNode> <node name="vti"> <properties> <help>Reset the VTI tunnel for given peer</help> </properties> - <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-peer" --name="$4" --tunnel="vti"</command> + <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="vti"</command> </node> </children> - <command>sudo ${vyos_op_scripts_dir}/vpn_ipsec.py --action="reset-peer" --name="$4" --tunnel="all"</command> + <command>sudo ${vyos_op_scripts_dir}/ipsec.py reset_peer --peer="$4" --tunnel="all"</command> </tagNode> <tagNode name="ipsec-profile"> <properties> @@ -55,9 +55,9 @@ <children> <node name="vpn"> <properties> - <help>Restart IPSec VPN</help> + <help>Restart the IPsec VPN process</help> </properties> - <command>if pgrep charon >/dev/null ; then sudo ipsec restart ; sleep 3 ; sudo swanctl -q ; else echo "IPSec process not running" ; fi</command> + <command>if pgrep charon >/dev/null ; then sudo ipsec restart ; sleep 3 ; sudo swanctl -q ; else echo "IPsec process not running" ; fi</command> </node> </children> </node> @@ -76,6 +76,9 @@ <tagNode name="peer"> <properties> <help>Show debugging information for a peer</help> + <completionHelp> + <path>vpn ipsec site-to-site peer</path> + </completionHelp> </properties> <children> <tagNode name="tunnel"> @@ -131,9 +134,15 @@ </node> <node name="ipsec"> <properties> - <help>Show Internet Protocol Security (IPSec) information</help> + <help>Show Internet Protocol Security (IPsec) information</help> </properties> <children> + <node name="connections"> + <properties> + <help>Show VPN connections</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/ipsec.py show_connections</command> + </node> <node name="policy"> <properties> <help>Show the in-kernel crypto policies</help> @@ -148,19 +157,19 @@ </leafNode> <node name="sa"> <properties> - <help>Show all active IPSec Security Associations (SA)</help> + <help>Show all active IPsec Security Associations (SA)</help> </properties> <children> <!-- <node name="detail"> <properties> - <help>Show Detail on all active IPSec Security Associations (SA)</help> + <help>Show Detail on all active IPsec Security Associations (SA)</help> </properties> <command></command> </node> <tagNode name="stats"> <properties> - <help>Show statistics for all currently active IPSec Security Associations (SA)</help> + <help>Show statistics for all currently active IPsec Security Associations (SA)</help> <valueHelp> <format>txt</format> <description>Show Statistics for SAs associated with a specific peer</description> @@ -179,12 +188,12 @@ --> <node name="verbose"> <properties> - <help>Show Verbose Detail on all active IPSec Security Associations (SA)</help> + <help>Show Verbose Detail on all active IPsec Security Associations (SA)</help> </properties> - <command>if pgrep charon >/dev/null ; then sudo /usr/sbin/ipsec statusall ; else echo "IPSec process not running" ; fi</command> + <command>if pgrep charon >/dev/null ; then sudo /usr/sbin/ipsec statusall ; else echo "IPsec process not running" ; fi</command> </node> </children> - <command>if pgrep charon >/dev/null ; then sudo ${vyos_op_scripts_dir}/show_ipsec_sa.py ; else echo "IPSec process not running" ; fi</command> + <command>if pgrep charon >/dev/null ; then sudo ${vyos_op_scripts_dir}/ipsec.py show_sa ; else echo "IPsec process not running" ; fi</command> </node> <node name="state"> <properties> @@ -194,9 +203,9 @@ </node> <node name="status"> <properties> - <help>Show status of IPSec process</help> + <help>Show status of IPsec process</help> </properties> - <command>if pgrep charon >/dev/null ; then echo -e "IPSec Process Running: $(pgrep charon)\n$(sudo /usr/sbin/ipsec status)" ; else echo "IPSec process not running" ; fi</command> + <command>if pgrep charon >/dev/null ; then echo -e "IPsec Process Running: $(pgrep charon)\n$(sudo /usr/sbin/ipsec status)" ; else echo "IPsec process not running" ; fi</command> </node> </children> </node> diff --git a/op-mode-definitions/webproxy.xml.in b/op-mode-definitions/webproxy.xml.in index f8ec8fb0a..5ae1577d8 100644 --- a/op-mode-definitions/webproxy.xml.in +++ b/op-mode-definitions/webproxy.xml.in @@ -12,7 +12,7 @@ <properties> <help>Monitor the last lines of the squid access log</help> </properties> - <command>if [ -f /var/log/squid3/access.log ]; then sudo tail --follow=name /var/log/squid3/access.log; else echo "WebProxy cache-log does not exist"; fi</command> + <command>if [ -f /var/log/squid/access.log ]; then sudo tail --follow=name /var/log/squid/access.log; else echo "WebProxy access-log does not exist"; fi</command> </node> <node name="background"> <properties> @@ -37,7 +37,7 @@ <properties> <help>Monitor the last lines of the squid cache log</help> </properties> - <command>if [ -f /var/log/squid3/cache.log ]; then sudo tail --follow=name /var/log/squid3/cache.log; else echo "WebProxy cache-log does not exist"; fi</command> + <command>if [ -f /var/log/squid/cache.log ]; then sudo tail --follow=name /var/log/squid/cache.log; else echo "WebProxy cache-log does not exist"; fi</command> </node> </children> </node> |