summaryrefslogtreecommitdiff
path: root/op-mode-definitions
diff options
context:
space:
mode:
Diffstat (limited to 'op-mode-definitions')
-rw-r--r--op-mode-definitions/generate-ipsec-profile.xml.in111
-rw-r--r--op-mode-definitions/generate-wireguard.xml.in6
-rw-r--r--op-mode-definitions/include/bgp/afi-common.xml.i19
-rw-r--r--op-mode-definitions/include/vtysh-generic-wide.xml.i8
-rw-r--r--op-mode-definitions/show-bgp.xml.in75
-rw-r--r--op-mode-definitions/show-vpn.xml.in20
-rw-r--r--op-mode-definitions/vpn-ipsec.xml.in8
7 files changed, 203 insertions, 44 deletions
diff --git a/op-mode-definitions/generate-ipsec-profile.xml.in b/op-mode-definitions/generate-ipsec-profile.xml.in
index d1e5efd20..be9227971 100644
--- a/op-mode-definitions/generate-ipsec-profile.xml.in
+++ b/op-mode-definitions/generate-ipsec-profile.xml.in
@@ -7,33 +7,49 @@
<help>Generate IPsec related configurations</help>
</properties>
<children>
- <tagNode name="mac-ios-profile">
+ <node name="profile">
<properties>
- <help>Generate Apple iOS profile from IPsec connection profile</help>
- <completionHelp>
- <path>vpn ipsec remote-access connection</path>
- </completionHelp>
+ <help>Generate IKEv2 IPSec remote-access VPN profiles</help>
</properties>
<children>
- <tagNode name="remote">
+ <tagNode name="ios-remote-access">
<properties>
- <help>Remote address where the client will connect to</help>
+ <help>Generate iOS profile for specified remote-access connection name</help>
<completionHelp>
- <list>&lt;fqdn&gt;</list>
- <script>${vyos_completion_dir}/list_local_ips.sh --both</script>
+ <path>vpn ipsec remote-access connection</path>
</completionHelp>
</properties>
- <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --connection "$4" --remote "$6"</command>
<children>
- <tagNode name="name">
+ <tagNode name="remote">
<properties>
- <help>Connection name as seen in the VPN application</help>
+ <help>Remote address where the client will connect to</help>
<completionHelp>
- <list>&lt;name&gt;</list>
+ <list>&lt;fqdn&gt;</list>
+ <script>${vyos_completion_dir}/list_local_ips.sh --both</script>
</completionHelp>
</properties>
- <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --connection "$4" --remote "$6" --name "$8"</command>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os ios --connection "$5" --remote "$7"</command>
<children>
+ <tagNode name="name">
+ <properties>
+ <help>Connection name as seen in the VPN application</help>
+ <completionHelp>
+ <list>&lt;name&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os ios --connection "$5" --remote "$7" --name "$9"</command>
+ <children>
+ <tagNode name="profile">
+ <properties>
+ <help>Profile name as seen under system profiles</help>
+ <completionHelp>
+ <list>&lt;name&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os ios --connection "$5" --remote "$7" --name "$9" --profile "${11}"</command>
+ </tagNode>
+ </children>
+ </tagNode>
<tagNode name="profile">
<properties>
<help>Profile name as seen under system profiles</help>
@@ -41,18 +57,40 @@
<list>&lt;name&gt;</list>
</completionHelp>
</properties>
- <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --connection "$4" --remote "$6" --name "$8" --profile "${10}"</command>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os ios --connection "$5" --remote "$7" --profile "$9"</command>
+ <children>
+ <tagNode name="name">
+ <properties>
+ <help>Connection name as seen in the VPN application</help>
+ <completionHelp>
+ <list>&lt;name&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os ios --connection "$5" --remote "$7" --profile "$9" --name "${11}"</command>
+ </tagNode>
+ </children>
</tagNode>
</children>
</tagNode>
- <tagNode name="profile">
+ </children>
+ </tagNode>
+ <tagNode name="windows-remote-access">
+ <properties>
+ <help>Generate iOS profile for specified remote-access connection name</help>
+ <completionHelp>
+ <path>vpn ipsec remote-access connection</path>
+ </completionHelp>
+ </properties>
+ <children>
+ <tagNode name="remote">
<properties>
- <help>Profile name as seen under system profiles</help>
+ <help>Remote address where the client will connect to</help>
<completionHelp>
- <list>&lt;name&gt;</list>
+ <list>&lt;fqdn&gt;</list>
+ <script>${vyos_completion_dir}/list_local_ips.sh --both</script>
</completionHelp>
</properties>
- <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --connection "$4" --remote "$6" --profile "$8"</command>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os windows --connection "$5" --remote "$7"</command>
<children>
<tagNode name="name">
<properties>
@@ -61,14 +99,45 @@
<list>&lt;name&gt;</list>
</completionHelp>
</properties>
- <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --connection "$4" --remote "$6" --profile "$8" --name "${10}"</command>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os windows --connection "$5" --remote "$7" --name "$9"</command>
+ <children>
+ <tagNode name="profile">
+ <properties>
+ <help>Profile name as seen under system profiles</help>
+ <completionHelp>
+ <list>&lt;name&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os windows --connection "$5" --remote "$7" --name "$9" --profile "${11}"</command>
+ </tagNode>
+ </children>
+ </tagNode>
+ <tagNode name="profile">
+ <properties>
+ <help>Profile name as seen under system profiles</help>
+ <completionHelp>
+ <list>&lt;name&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os windows --connection "$5" --remote "$7" --profile "$9"</command>
+ <children>
+ <tagNode name="name">
+ <properties>
+ <help>Connection name as seen in the VPN application</help>
+ <completionHelp>
+ <list>&lt;name&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>${vyos_op_scripts_dir}/ikev2_profile_generator.py --os windows --connection "$5" --remote "$7" --profile "$9" --name "${11}"</command>
+ </tagNode>
+ </children>
</tagNode>
</children>
</tagNode>
</children>
</tagNode>
</children>
- </tagNode>
+ </node>
</children>
</node>
</children>
diff --git a/op-mode-definitions/generate-wireguard.xml.in b/op-mode-definitions/generate-wireguard.xml.in
index 6f9f62a30..6557b463b 100644
--- a/op-mode-definitions/generate-wireguard.xml.in
+++ b/op-mode-definitions/generate-wireguard.xml.in
@@ -59,6 +59,12 @@
</tagNode>
</children>
</tagNode>
+ <leafNode name="key-pair">
+ <properties>
+ <help>Generate Wireguard key pair for use with server or peer</help>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --key "noname"</command>
+ </leafNode>
</children>
</node>
</children>
diff --git a/op-mode-definitions/include/bgp/afi-common.xml.i b/op-mode-definitions/include/bgp/afi-common.xml.i
index e48482282..7fc59f3b0 100644
--- a/op-mode-definitions/include/bgp/afi-common.xml.i
+++ b/op-mode-definitions/include/bgp/afi-common.xml.i
@@ -31,10 +31,25 @@
</properties>
<command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
</leafNode>
-<leafNode name="summary">
+<node name="summary">
<properties>
<help>Summary of BGP neighbor status</help>
</properties>
<command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
-</leafNode>
+ <children>
+ <leafNode name="established">
+ <properties>
+ <help>Show only sessions in Established state</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ </leafNode>
+ <leafNode name="failed">
+ <properties>
+ <help>Show only sessions not in Established state</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ </leafNode>
+ </children>
+</node>
+#include <include/vtysh-generic-wide.xml.i>
<!-- included end -->
diff --git a/op-mode-definitions/include/vtysh-generic-wide.xml.i b/op-mode-definitions/include/vtysh-generic-wide.xml.i
new file mode 100644
index 000000000..acc68b4c0
--- /dev/null
+++ b/op-mode-definitions/include/vtysh-generic-wide.xml.i
@@ -0,0 +1,8 @@
+<!-- included start from vtysh-generic-wide.xml.i -->
+<leafNode name="wide">
+ <properties>
+ <help>Increase table width for longer prefixes</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+</leafNode>
+<!-- included end -->
diff --git a/op-mode-definitions/show-bgp.xml.in b/op-mode-definitions/show-bgp.xml.in
index 36e7062df..c33a9dacf 100644
--- a/op-mode-definitions/show-bgp.xml.in
+++ b/op-mode-definitions/show-bgp.xml.in
@@ -8,7 +8,81 @@
</properties>
<command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
<children>
+ <node name="cidr-only">
+ <properties>
+ <help>Display only routes with non-natural netmasks</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ <children>
+ #include <include/vtysh-generic-wide.xml.i>
+ </children>
+ </node>
#include <include/bgp/show-bgp-common.xml.i>
+ <node name="mac">
+ <properties>
+ <help>MAC address</help>
+ </properties>
+ <children>
+ <leafNode name="hash">
+ <properties>
+ <help>MAC address database</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ </leafNode>
+ </children>
+ </node>
+ <node name="martian">
+ <properties>
+ <help>martian next-hops</help>
+ </properties>
+ <children>
+ <leafNode name="next-hop">
+ <properties>
+ <help>martian next-hop database</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ </leafNode>
+ </children>
+ </node>
+ <leafNode name="memory">
+ <properties>
+ <help>Global BGP memory statistics</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ </leafNode>
+ <node name="nexthop">
+ <properties>
+ <help>Show BGP nexthop table</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ <children>
+ #include <include/vtysh-generic-detail.xml.i>
+ </children>
+ </node>
+ <tagNode name="nexthop">
+ <properties>
+ <help>IPv4/IPv6 nexthop address</help>
+ <completionHelp>
+ <list>&lt;x.x.x.x&gt; &lt;h:h:h:h:h:h:h:h&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ <children>
+ #include <include/vtysh-generic-detail.xml.i>
+ </children>
+ </tagNode>
+ <leafNode name="statistics">
+ <properties>
+ <help>BGP RIB advertisement statistics</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ </leafNode>
+ <leafNode name="statistics-all">
+ <properties>
+ <help>Display number of prefixes for all afi/safi</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/vtysh_wrapper.sh $@</command>
+ </leafNode>
<leafNode name="vrf">
<properties>
<help>Show BGP VRF information</help>
@@ -28,6 +102,7 @@
#include <include/bgp/show-bgp-common.xml.i>
</children>
</tagNode>
+ #include <include/vtysh-generic-wide.xml.i>
</children>
</node>
</children>
diff --git a/op-mode-definitions/show-vpn.xml.in b/op-mode-definitions/show-vpn.xml.in
deleted file mode 100644
index 3fbc74ad1..000000000
--- a/op-mode-definitions/show-vpn.xml.in
+++ /dev/null
@@ -1,20 +0,0 @@
-<?xml version="1.0"?>
-<interfaceDefinition>
- <node name="show">
- <children>
- <node name="vpn">
- <properties>
- <help>Show active remote access Virtual Private Network (VPN) sessions</help>
- </properties>
- <children>
- <leafNode name="remote-access">
- <properties>
- <help>Show active VPN server sessions</help>
- </properties>
- <command>${vyos_op_scripts_dir}/show_vpn_ra.py</command>
- </leafNode>
- </children>
- </node>
- </children>
- </node>
-</interfaceDefinition>
diff --git a/op-mode-definitions/vpn-ipsec.xml.in b/op-mode-definitions/vpn-ipsec.xml.in
index 20f275e9b..3d997c143 100644
--- a/op-mode-definitions/vpn-ipsec.xml.in
+++ b/op-mode-definitions/vpn-ipsec.xml.in
@@ -140,6 +140,12 @@
</properties>
<command>sudo ip xfrm policy list</command>
</node>
+ <leafNode name="remote-access">
+ <properties>
+ <help>Show active VPN server sessions</help>
+ </properties>
+ <command>${vyos_op_scripts_dir}/show_vpn_ra.py</command>
+ </leafNode>
<node name="sa">
<properties>
<help>Show all active IPSec Security Associations (SA)</help>
@@ -178,7 +184,7 @@
<command>if pgrep charon >/dev/null ; then sudo /usr/sbin/ipsec statusall ; else echo "IPSec process not running" ; fi</command>
</node>
</children>
- <command>if pgrep charon >/dev/null ; then sudo /usr/libexec/vyos/op_mode/show_ipsec_sa.py ; else echo "IPSec process not running" ; fi</command>
+ <command>if pgrep charon >/dev/null ; then sudo ${vyos_op_scripts_dir}/show_ipsec_sa.py ; else echo "IPSec process not running" ; fi</command>
</node>
<node name="state">
<properties>
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-02 01:30:30 +0000