From e143e496e28b9d6d5803278fa76a14bf2bc2304e Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Mon, 13 Jan 2025 19:36:41 +0100 Subject: syslog: T6989: convert old configuration format to "advanced" --- src/conf_mode/system_option.py | 2 +- src/conf_mode/system_syslog.py | 14 +++++--------- 2 files changed, 6 insertions(+), 10 deletions(-) (limited to 'src/conf_mode') diff --git a/src/conf_mode/system_option.py b/src/conf_mode/system_option.py index e2832cde6..064a1aa91 100755 --- a/src/conf_mode/system_option.py +++ b/src/conf_mode/system_option.py @@ -86,7 +86,7 @@ def verify(options): if 'source_address' in config: if not is_addr_assigned(config['source_address']): - raise ConfigError('No interface with give address specified!') + raise ConfigError('No interface with given address specified!') if 'ssh_client' in options: config = options['ssh_client'] diff --git a/src/conf_mode/system_syslog.py b/src/conf_mode/system_syslog.py index eb2f02eb3..78840a5f5 100755 --- a/src/conf_mode/system_syslog.py +++ b/src/conf_mode/system_syslog.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018-2024 VyOS maintainers and contributors +# Copyright (C) 2018-2025 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -22,15 +22,15 @@ from vyos.base import Warning from vyos.config import Config from vyos.configdict import is_node_changed from vyos.configverify import verify_vrf +from vyos.utils.network import is_addr_assigned from vyos.utils.process import call from vyos.template import render from vyos import ConfigError from vyos import airbag airbag.enable() -rsyslog_conf = '/etc/rsyslog.d/00-vyos.conf' +rsyslog_conf = '/run/rsyslog/rsyslog.conf' logrotate_conf = '/etc/logrotate.d/vyos-rsyslog' -systemd_override = r'/run/systemd/system/rsyslog.service.d/override.conf' def get_config(config=None): if config: @@ -70,8 +70,8 @@ def verify(syslog): if not syslog: return None - if 'host' in syslog: - for host, host_options in syslog['host'].items(): + if 'remote' in syslog: + for host, host_options in syslog['remote'].items(): if 'protocol' in host_options and host_options['protocol'] == 'udp': if 'format' in host_options and 'octet_counted' in host_options['format']: Warning(f'Syslog UDP transport for "{host}" should not use octet-counted format!') @@ -88,11 +88,7 @@ def generate(syslog): return None render(rsyslog_conf, 'rsyslog/rsyslog.conf.j2', syslog) - render(systemd_override, 'rsyslog/override.conf.j2', syslog) render(logrotate_conf, 'rsyslog/logrotate.j2', syslog) - - # Reload systemd manager configuration - call('systemctl daemon-reload') return None def apply(syslog): -- cgit v1.2.3 From 04d296a3446fa8488add17ce1ec7931d43c4a4d0 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Mon, 13 Jan 2025 19:39:50 +0100 Subject: syslog: T6989: add new source-address CLI option for outgoing connections --- data/templates/rsyslog/rsyslog.conf.j2 | 4 ++++ interface-definitions/system_syslog.xml.in | 1 + src/conf_mode/system_syslog.py | 7 +++++++ 3 files changed, 12 insertions(+) (limited to 'src/conf_mode') diff --git a/data/templates/rsyslog/rsyslog.conf.j2 b/data/templates/rsyslog/rsyslog.conf.j2 index efb23ca7d..779ae8d04 100644 --- a/data/templates/rsyslog/rsyslog.conf.j2 +++ b/data/templates/rsyslog/rsyslog.conf.j2 @@ -113,6 +113,10 @@ if prifilt("{{ tmp | join(',') }}") then { template="SyslogProtocol23Format" {% endif %} TCP_Framing="{{ 'octed-counted' if remote_options.format.octet_counted is vyos_defined else 'traditional' }}" +{% if source_address is vyos_defined %} + # Sender IP address + Address="{{ source_address }}" +{% endif %} {% if vrf is vyos_defined %} Device="{{ vrf }}" {% endif %} diff --git a/interface-definitions/system_syslog.xml.in b/interface-definitions/system_syslog.xml.in index acc7b4747..f47a95f09 100644 --- a/interface-definitions/system_syslog.xml.in +++ b/interface-definitions/system_syslog.xml.in @@ -100,6 +100,7 @@ #include + #include #include diff --git a/src/conf_mode/system_syslog.py b/src/conf_mode/system_syslog.py index 78840a5f5..ce806a540 100755 --- a/src/conf_mode/system_syslog.py +++ b/src/conf_mode/system_syslog.py @@ -78,6 +78,13 @@ def verify(syslog): verify_vrf(syslog) + if 'source_address' in syslog: + syslog_vrf = None + if 'vrf' in syslog: + syslog_vrf = syslog['vrf'] + if not is_addr_assigned(syslog['source_address'], syslog_vrf): + raise ConfigError('No interface with given address specified!') + def generate(syslog): if not syslog: if os.path.exists(rsyslog_conf): -- cgit v1.2.3 From 20ab585a68982c4635c4e5a1ee5bbcc219feaebc Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Wed, 15 Jan 2025 20:38:43 +0100 Subject: syslog: T6989: move up "global preserve-fqdn" one level in CLI Move "global preserve-fqdn" one CLI level up, as it relates to all logging targets (console, global and remote). --- data/templates/rsyslog/rsyslog.conf.j2 | 8 ++++---- interface-definitions/system_syslog.xml.in | 24 ++++++++++++------------ smoketest/config-tests/basic-vyos | 2 +- smoketest/config-tests/bgp-big-as-cloud | 2 +- smoketest/scripts/cli/test_system_syslog.py | 2 +- src/conf_mode/system_syslog.py | 23 +++++++++++++---------- src/migration-scripts/system/28-to-29 | 7 +++++++ 7 files changed, 39 insertions(+), 29 deletions(-) (limited to 'src/conf_mode') diff --git a/data/templates/rsyslog/rsyslog.conf.j2 b/data/templates/rsyslog/rsyslog.conf.j2 index 779ae8d04..bc98329b2 100644 --- a/data/templates/rsyslog/rsyslog.conf.j2 +++ b/data/templates/rsyslog/rsyslog.conf.j2 @@ -51,13 +51,13 @@ global(workDirectory="/var/spool/rsyslog") # Load the immark module for periodic --MARK-- message capability module(load="immark" interval="{{ global.marker.interval }}") {% endif %} -{% if global.preserve_fqdn is vyos_defined %} +{% if preserve_fqdn is vyos_defined %} # Preserve the fully qualified domain name (FQDN) in log messages global(preserveFQDN="on") -{% endif %} -{% if global.local_host_name is vyos_defined %} +{% if preserve_fqdn.host_name is vyos_defined and preserve_fqdn.domain_name is vyos_defined %} # Set the local hostname for log messages -global(localHostname="{{ global.local_host_name }}") +global(localHostname="{{ preserve_fqdn.host_name }}.{{ preserve_fqdn.domain_name }}") +{% endif %} {% endif %} #### GLOBAL LOGGING #### diff --git a/interface-definitions/system_syslog.xml.in b/interface-definitions/system_syslog.xml.in index f47a95f09..09cfd3dd4 100644 --- a/interface-definitions/system_syslog.xml.in +++ b/interface-definitions/system_syslog.xml.in @@ -8,6 +8,14 @@ 400 + + + Log to system console (/dev/console) + + + #include + + Log to remote host @@ -84,22 +92,14 @@ - - - uses FQDN for logging - - - - + - Log to system console (/dev/console) + Always include domain portion in hostname + - - #include - - + #include #include diff --git a/smoketest/config-tests/basic-vyos b/smoketest/config-tests/basic-vyos index b6bb6ac67..eaa61c56d 100644 --- a/smoketest/config-tests/basic-vyos +++ b/smoketest/config-tests/basic-vyos @@ -95,7 +95,7 @@ set system syslog console facility mail level 'info' set system syslog global facility all level 'info' set system syslog global facility auth level 'info' set system syslog global facility local7 level 'debug' -set system syslog global preserve-fqdn +set system syslog preserve-fqdn set system syslog remote syslog.vyos.net facility auth level 'warning' set system syslog remote syslog.vyos.net facility local7 level 'notice' set system syslog remote syslog.vyos.net format octet-counted diff --git a/smoketest/config-tests/bgp-big-as-cloud b/smoketest/config-tests/bgp-big-as-cloud index d6c17b3d2..ff7549957 100644 --- a/smoketest/config-tests/bgp-big-as-cloud +++ b/smoketest/config-tests/bgp-big-as-cloud @@ -848,5 +848,5 @@ set system sflow interface 'eth0.4088' set system sflow interface 'eth0.4089' set system sflow server 1.2.3.4 port '1234' set system syslog global facility all level 'all' -set system syslog global preserve-fqdn +set system syslog preserve-fqdn set system time-zone 'Europe/Zurich' diff --git a/smoketest/scripts/cli/test_system_syslog.py b/smoketest/scripts/cli/test_system_syslog.py index de2e9b260..b1aaa53a5 100755 --- a/smoketest/scripts/cli/test_system_syslog.py +++ b/smoketest/scripts/cli/test_system_syslog.py @@ -86,7 +86,7 @@ class TestRSYSLOGService(VyOSUnitTestSHIM.TestCase): self.cli_set(['system', 'host-name', hostname]) self.cli_set(['system', 'domain-name', domain_name]) - self.cli_set(base_path + ['global', 'preserve-fqdn']) + self.cli_set(base_path + ['preserve-fqdn']) for tmp, tmp_options in facility.items(): level = tmp_options['level'] diff --git a/src/conf_mode/system_syslog.py b/src/conf_mode/system_syslog.py index ce806a540..6f6546fd1 100755 --- a/src/conf_mode/system_syslog.py +++ b/src/conf_mode/system_syslog.py @@ -53,16 +53,13 @@ def get_config(config=None): if syslog.from_defaults(['global']): del syslog['global'] - if ( - 'global' in syslog - and 'preserve_fqdn' in syslog['global'] - and conf.exists(['system', 'host-name']) - and conf.exists(['system', 'domain-name']) - ): - hostname = conf.return_value(['system', 'host-name']) - domain = conf.return_value(['system', 'domain-name']) - fqdn = f'{hostname}.{domain}' - syslog['global']['local_host_name'] = fqdn + if 'preserve_fqdn' in syslog: + if conf.exists(['system', 'host-name']): + tmp = conf.return_value(['system', 'host-name']) + syslog['preserve_fqdn']['host_name'] = tmp + if conf.exists(['system', 'domain-name']): + tmp = conf.return_value(['system', 'domain-name']) + syslog['preserve_fqdn']['domain_name'] = tmp return syslog @@ -70,6 +67,12 @@ def verify(syslog): if not syslog: return None + if 'preserve_fqdn' in syslog: + if 'host_name' not in syslog['preserve_fqdn']: + Warning('No "system host-name" defined - cannot set syslog FQDN!') + if 'domain_name' not in syslog['preserve_fqdn']: + Warning('No "system domain-name" defined - cannot set syslog FQDN!') + if 'remote' in syslog: for host, host_options in syslog['remote'].items(): if 'protocol' in host_options and host_options['protocol'] == 'udp': diff --git a/src/migration-scripts/system/28-to-29 b/src/migration-scripts/system/28-to-29 index 1addad035..dadfc994a 100644 --- a/src/migration-scripts/system/28-to-29 +++ b/src/migration-scripts/system/28-to-29 @@ -16,6 +16,7 @@ # T6989: # - remove syslog arbitrary file logging # - remove syslog user console logging +# - move "global preserve-fqdn" one CLI level up # - rename "host" to "remote" from vyos.configtree import ConfigTree @@ -34,6 +35,12 @@ def migrate(config: ConfigTree) -> None: if config.exists(base + ['user']): config.delete(base + ['user']) + # Move "global preserve-fqdn" one CLI level up, as it relates to all + # logging targets (console, global and remote) + if config.exists(base + ['global', 'preserve-fqdn']): + config.delete(base + ['global', 'preserve-fqdn']) + config.set(base + ['preserve-fqdn']) + # Rename host x.x.x.x -> remote x.x.x.x if config.exists(base + ['host']): config.set(base + ['remote']) -- cgit v1.2.3 From 211bc4a767564d1eb28b431e1529eb719bb721a9 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Wed, 22 Jan 2025 20:52:52 +0100 Subject: syslog: T6989: rename "global" to "local" The previously "global" options actually were only relevant for the local logging to /var/log/messages. --- data/templates/rsyslog/rsyslog.conf.j2 | 6 +++--- interface-definitions/system_syslog.xml.in | 2 +- smoketest/config-tests/basic-api-service | 4 ++-- smoketest/config-tests/basic-vyos | 7 ++++--- smoketest/config-tests/basic-vyos-no-ntp | 4 ++-- smoketest/config-tests/bgp-azure-ipsec-gateway | 4 ++-- smoketest/config-tests/bgp-bfd-communities | 4 ++-- smoketest/config-tests/bgp-big-as-cloud | 2 +- smoketest/config-tests/bgp-dmvpn-hub | 4 ++-- smoketest/config-tests/bgp-dmvpn-spoke | 4 ++-- smoketest/config-tests/bgp-evpn-l2vpn-leaf | 4 ++-- smoketest/config-tests/bgp-evpn-l2vpn-spine | 4 ++-- smoketest/config-tests/bgp-evpn-l3vpn-pe-router | 4 ++-- smoketest/config-tests/bgp-medium-confederation | 4 ++-- smoketest/config-tests/bgp-rpki | 4 ++-- smoketest/config-tests/bgp-small-internet-exchange | 4 ++-- smoketest/config-tests/bgp-small-ipv4-unicast | 4 ++-- smoketest/config-tests/cluster-basic | 4 ++-- smoketest/config-tests/dialup-router-complex | 4 ++-- smoketest/config-tests/dialup-router-medium-vpn | 2 +- smoketest/config-tests/dialup-router-wireguard-ipv6 | 4 ++-- smoketest/config-tests/egp-igp-route-maps | 2 +- smoketest/config-tests/igmp-pim-small | 4 ++-- smoketest/config-tests/ipoe-server | 4 ++-- smoketest/config-tests/ipv6-disable | 4 ++-- smoketest/config-tests/isis-small | 4 ++-- smoketest/config-tests/nat-basic | 4 ++-- smoketest/config-tests/ospf-simple | 4 ++-- smoketest/config-tests/ospf-small | 4 ++-- smoketest/config-tests/pppoe-server | 4 ++-- smoketest/config-tests/qos-basic | 4 ++-- smoketest/config-tests/rip-router | 4 ++-- smoketest/config-tests/rpki-only | 4 ++-- smoketest/config-tests/static-route-basic | 4 ++-- smoketest/config-tests/tunnel-broker | 4 ++-- smoketest/config-tests/vpn-openconnect-sstp | 4 ++-- smoketest/config-tests/vrf-basic | 4 ++-- smoketest/config-tests/vrf-bgp-pppoe-underlay | 4 ++-- smoketest/config-tests/vrf-ospf | 4 ++-- smoketest/config-tests/wireless-basic | 4 ++-- smoketest/configs/basic-vyos | 1 + smoketest/scripts/cli/test_system_syslog.py | 2 +- src/conf_mode/system_syslog.py | 4 ++-- src/migration-scripts/system/28-to-29 | 10 ++++++++-- 44 files changed, 91 insertions(+), 83 deletions(-) (limited to 'src/conf_mode') diff --git a/data/templates/rsyslog/rsyslog.conf.j2 b/data/templates/rsyslog/rsyslog.conf.j2 index 26d62a23f..c2cb8a1ca 100644 --- a/data/templates/rsyslog/rsyslog.conf.j2 +++ b/data/templates/rsyslog/rsyslog.conf.j2 @@ -61,10 +61,10 @@ global(localHostname="{{ preserve_fqdn.host_name }}.{{ preserve_fqdn.domain_name {% endif %} #### GLOBAL LOGGING #### -{% if global.facility is vyos_defined %} +{% if local.facility is vyos_defined %} {% set tmp = [] %} -{% if global.facility is vyos_defined %} -{% for facility, facility_options in global.facility.items() %} +{% if local.facility is vyos_defined %} +{% for facility, facility_options in local.facility.items() %} {% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %} {% endfor %} if prifilt("{{ tmp | join(',') }}") then { diff --git a/interface-definitions/system_syslog.xml.in b/interface-definitions/system_syslog.xml.in index 1ee5a7687..0dbf5d497 100644 --- a/interface-definitions/system_syslog.xml.in +++ b/interface-definitions/system_syslog.xml.in @@ -65,7 +65,7 @@ - + Log to standard system location /var/log/messages diff --git a/smoketest/config-tests/basic-api-service b/smoketest/config-tests/basic-api-service index 3f796f35d..ca10cf4e9 100644 --- a/smoketest/config-tests/basic-api-service +++ b/smoketest/config-tests/basic-api-service @@ -24,5 +24,5 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/basic-vyos b/smoketest/config-tests/basic-vyos index 94a4d139e..4793e069e 100644 --- a/smoketest/config-tests/basic-vyos +++ b/smoketest/config-tests/basic-vyos @@ -92,13 +92,14 @@ set system login user vyos authentication plaintext-password '' set system name-server '192.168.0.1' set system syslog console facility all level 'emerg' set system syslog console facility mail level 'info' -set system syslog global facility all level 'info' -set system syslog global facility auth level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility auth level 'info' +set system syslog local facility local7 level 'debug' set system syslog marker interval '1000' set system syslog preserve-fqdn set system syslog remote syslog.vyos.net facility auth level 'warning' set system syslog remote syslog.vyos.net facility local7 level 'notice' set system syslog remote syslog.vyos.net format octet-counted set system syslog remote syslog.vyos.net port '8000' +set system syslog remote syslog.vyos.net protocol 'tcp' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/basic-vyos-no-ntp b/smoketest/config-tests/basic-vyos-no-ntp index a18260108..f00dea5d4 100644 --- a/smoketest/config-tests/basic-vyos-no-ntp +++ b/smoketest/config-tests/basic-vyos-no-ntp @@ -48,6 +48,6 @@ set system host-name 'no-ntp' set system login user vyos authentication encrypted-password '$6$r/Yw/07NXNY$/ZB.Rjf9jxEV.BYoDyLdH.kH14rU52pOBtrX.4S34qlPt77chflCHvpTCq9a6huLzwaMR50rEICzA5GoIRZlM0' set system login user vyos authentication plaintext-password '' set system name-server '172.16.254.30' -set system syslog global facility all level 'debug' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'debug' +set system syslog local facility local7 level 'debug' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/bgp-azure-ipsec-gateway b/smoketest/config-tests/bgp-azure-ipsec-gateway index 91ec057a9..0d683c921 100644 --- a/smoketest/config-tests/bgp-azure-ipsec-gateway +++ b/smoketest/config-tests/bgp-azure-ipsec-gateway @@ -135,8 +135,8 @@ set system login user vyos authentication plaintext-password '' set system logs logrotate messages max-size '20' set system logs logrotate messages rotate '10' set system name-server '192.0.2.254' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system syslog remote 10.0.9.188 facility all level 'info' set system syslog remote 10.0.9.188 protocol 'udp' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/bgp-bfd-communities b/smoketest/config-tests/bgp-bfd-communities index 6eee0137e..06e412c55 100644 --- a/smoketest/config-tests/bgp-bfd-communities +++ b/smoketest/config-tests/bgp-bfd-communities @@ -196,6 +196,6 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/bgp-big-as-cloud b/smoketest/config-tests/bgp-big-as-cloud index ff7549957..f71a51be3 100644 --- a/smoketest/config-tests/bgp-big-as-cloud +++ b/smoketest/config-tests/bgp-big-as-cloud @@ -847,6 +847,6 @@ set system name-server '192.0.2.2' set system sflow interface 'eth0.4088' set system sflow interface 'eth0.4089' set system sflow server 1.2.3.4 port '1234' -set system syslog global facility all level 'all' +set system syslog local facility all level 'all' set system syslog preserve-fqdn set system time-zone 'Europe/Zurich' diff --git a/smoketest/config-tests/bgp-dmvpn-hub b/smoketest/config-tests/bgp-dmvpn-hub index 99f3799a4..f9ceba11c 100644 --- a/smoketest/config-tests/bgp-dmvpn-hub +++ b/smoketest/config-tests/bgp-dmvpn-hub @@ -50,8 +50,8 @@ set system login user vyos authentication plaintext-password '' set system name-server '1.1.1.1' set system name-server '8.8.8.8' set system name-server '9.9.9.9' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set vpn ipsec esp-group ESP-DMVPN lifetime '1800' set vpn ipsec esp-group ESP-DMVPN mode 'transport' set vpn ipsec esp-group ESP-DMVPN pfs 'dh-group2' diff --git a/smoketest/config-tests/bgp-dmvpn-spoke b/smoketest/config-tests/bgp-dmvpn-spoke index e4fb82a0e..a98275ba4 100644 --- a/smoketest/config-tests/bgp-dmvpn-spoke +++ b/smoketest/config-tests/bgp-dmvpn-spoke @@ -56,8 +56,8 @@ set system login user vyos authentication plaintext-password '' set system name-server '1.1.1.1' set system name-server '8.8.8.8' set system name-server '9.9.9.9' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set vpn ipsec esp-group ESP-DMVPN lifetime '1800' set vpn ipsec esp-group ESP-DMVPN mode 'transport' set vpn ipsec esp-group ESP-DMVPN pfs 'dh-group2' diff --git a/smoketest/config-tests/bgp-evpn-l2vpn-leaf b/smoketest/config-tests/bgp-evpn-l2vpn-leaf index 315cb9e06..5e42a269e 100644 --- a/smoketest/config-tests/bgp-evpn-l2vpn-leaf +++ b/smoketest/config-tests/bgp-evpn-l2vpn-leaf @@ -48,8 +48,8 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set vrf name MGMT protocols static route 0.0.0.0/0 next-hop 192.0.2.62 set vrf name MGMT protocols static route6 ::/0 next-hop 2001:db8::1 set vrf name MGMT table '1000' diff --git a/smoketest/config-tests/bgp-evpn-l2vpn-spine b/smoketest/config-tests/bgp-evpn-l2vpn-spine index dee29e021..e6d876af6 100644 --- a/smoketest/config-tests/bgp-evpn-l2vpn-spine +++ b/smoketest/config-tests/bgp-evpn-l2vpn-spine @@ -41,8 +41,8 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set vrf name MGMT protocols static route 0.0.0.0/0 next-hop 192.0.2.62 set vrf name MGMT protocols static route6 ::/0 next-hop 2001:db8::1 set vrf name MGMT table '1000' diff --git a/smoketest/config-tests/bgp-evpn-l3vpn-pe-router b/smoketest/config-tests/bgp-evpn-l3vpn-pe-router index 7a2ec9f91..f867c221e 100644 --- a/smoketest/config-tests/bgp-evpn-l3vpn-pe-router +++ b/smoketest/config-tests/bgp-evpn-l3vpn-pe-router @@ -101,8 +101,8 @@ set system login user vyos authentication plaintext-password '' set system name-server '192.0.2.251' set system name-server '192.0.2.252' set system name-server '2001:db8::1' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set vrf name blue protocols bgp address-family ipv4-unicast redistribute connected set vrf name blue protocols bgp address-family l2vpn-evpn advertise ipv4 unicast set vrf name blue protocols bgp system-as '100' diff --git a/smoketest/config-tests/bgp-medium-confederation b/smoketest/config-tests/bgp-medium-confederation index 582e28047..71797fe93 100644 --- a/smoketest/config-tests/bgp-medium-confederation +++ b/smoketest/config-tests/bgp-medium-confederation @@ -69,5 +69,5 @@ set system host-name 'vyos' set system ip protocol bgp route-map 'DEFAULT-ZEBRA-IN' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'notice' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'notice' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/bgp-rpki b/smoketest/config-tests/bgp-rpki index 44e95ae98..587de67c6 100644 --- a/smoketest/config-tests/bgp-rpki +++ b/smoketest/config-tests/bgp-rpki @@ -39,5 +39,5 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/bgp-small-internet-exchange b/smoketest/config-tests/bgp-small-internet-exchange index a9dce4dd5..2adb3fbb5 100644 --- a/smoketest/config-tests/bgp-small-internet-exchange +++ b/smoketest/config-tests/bgp-small-internet-exchange @@ -205,5 +205,5 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/bgp-small-ipv4-unicast b/smoketest/config-tests/bgp-small-ipv4-unicast index b8c0e1246..f8820cb3c 100644 --- a/smoketest/config-tests/bgp-small-ipv4-unicast +++ b/smoketest/config-tests/bgp-small-ipv4-unicast @@ -28,5 +28,5 @@ set system domain-name 'vyos.net' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'notice' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'notice' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/cluster-basic b/smoketest/config-tests/cluster-basic index 744c117eb..871b40bbb 100644 --- a/smoketest/config-tests/cluster-basic +++ b/smoketest/config-tests/cluster-basic @@ -16,6 +16,6 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system time-zone 'Antarctica/South_Pole' diff --git a/smoketest/config-tests/dialup-router-complex b/smoketest/config-tests/dialup-router-complex index 404bf342c..c356c73c0 100644 --- a/smoketest/config-tests/dialup-router-complex +++ b/smoketest/config-tests/dialup-router-complex @@ -734,7 +734,7 @@ set system name-server '172.16.254.30' set system option ctrl-alt-delete 'ignore' set system option reboot-on-panic set system option startup-beep -set system syslog global facility all level 'debug' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'debug' +set system syslog local facility local7 level 'debug' set system syslog remote 172.16.100.1 facility all level 'warning' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/dialup-router-medium-vpn b/smoketest/config-tests/dialup-router-medium-vpn index b7187887b..ba3ed29f4 100644 --- a/smoketest/config-tests/dialup-router-medium-vpn +++ b/smoketest/config-tests/dialup-router-medium-vpn @@ -314,7 +314,7 @@ set system static-host-mapping host-name host107.vyos.net inet '192.168.0.107' set system static-host-mapping host-name host109.vyos.net inet '192.168.0.109' set system sysctl parameter net.core.default_qdisc value 'fq' set system sysctl parameter net.ipv4.tcp_congestion_control value 'bbr' -set system syslog global facility all level 'info' +set system syslog local facility all level 'info' set system syslog remote 192.168.0.252 facility all level 'debug' set system syslog remote 192.168.0.252 protocol 'udp' set system task-scheduler task Update-Blacklists executable path '/config/scripts/vyos-foo-update.script' diff --git a/smoketest/config-tests/dialup-router-wireguard-ipv6 b/smoketest/config-tests/dialup-router-wireguard-ipv6 index e4b8bcac4..269e9d722 100644 --- a/smoketest/config-tests/dialup-router-wireguard-ipv6 +++ b/smoketest/config-tests/dialup-router-wireguard-ipv6 @@ -691,7 +691,7 @@ set system option ctrl-alt-delete 'ignore' set system option performance 'network-latency' set system option reboot-on-panic set system option startup-beep -set system syslog global facility all level 'debug' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'debug' +set system syslog local facility local7 level 'debug' set system syslog remote 172.16.100.1 facility all level 'warning' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/egp-igp-route-maps b/smoketest/config-tests/egp-igp-route-maps index fc46d25ff..222325cd7 100644 --- a/smoketest/config-tests/egp-igp-route-maps +++ b/smoketest/config-tests/egp-igp-route-maps @@ -42,5 +42,5 @@ set system login user vyos authentication plaintext-password '' set system logs logrotate messages max-size '1' set system logs logrotate messages rotate '5' set system name-server '192.168.0.1' -set system syslog global facility all level 'info' +set system syslog local facility all level 'info' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/igmp-pim-small b/smoketest/config-tests/igmp-pim-small index 909c3d67b..06051af41 100644 --- a/smoketest/config-tests/igmp-pim-small +++ b/smoketest/config-tests/igmp-pim-small @@ -32,6 +32,6 @@ set system domain-name 'vyos.io' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/ipoe-server b/smoketest/config-tests/ipoe-server index f4a12f502..c21495ab2 100644 --- a/smoketest/config-tests/ipoe-server +++ b/smoketest/config-tests/ipoe-server @@ -44,5 +44,5 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/ipv6-disable b/smoketest/config-tests/ipv6-disable index 40e34fa0c..5f906b5f7 100644 --- a/smoketest/config-tests/ipv6-disable +++ b/smoketest/config-tests/ipv6-disable @@ -27,5 +27,5 @@ set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX set system login user vyos authentication plaintext-password '' set system name-server '172.16.254.20' set system name-server '172.16.254.30' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/isis-small b/smoketest/config-tests/isis-small index b322f4e29..e61d0362e 100644 --- a/smoketest/config-tests/isis-small +++ b/smoketest/config-tests/isis-small @@ -39,6 +39,6 @@ set system login user vyos authentication plaintext-password '' set service ntp server time1.vyos.net set service ntp server time2.vyos.net set service ntp server time3.vyos.net -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/nat-basic b/smoketest/config-tests/nat-basic index 471add3b3..ba2b1b838 100644 --- a/smoketest/config-tests/nat-basic +++ b/smoketest/config-tests/nat-basic @@ -84,5 +84,5 @@ set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX set system login user vyos authentication plaintext-password '' set system name-server '1.1.1.1' set system name-server '9.9.9.9' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/ospf-simple b/smoketest/config-tests/ospf-simple index 355709448..4273e4b8f 100644 --- a/smoketest/config-tests/ospf-simple +++ b/smoketest/config-tests/ospf-simple @@ -20,5 +20,5 @@ set system console device ttyS0 speed '115200' set system host-name 'lab-vyos-r1' set system login user vyos authentication encrypted-password '$6$R.OnGzfXSfl6J$Iba/hl9bmjBs0VPtZ2zdW.Snh/nHuvxUwi0R6ruypgW63iKEbicJH.uUst8xZCyByURblxRtjAC1lAnYfIt.b0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/ospf-small b/smoketest/config-tests/ospf-small index a7f8b682c..af69e5702 100644 --- a/smoketest/config-tests/ospf-small +++ b/smoketest/config-tests/ospf-small @@ -77,6 +77,6 @@ set system sysctl parameter net.ipv4.igmp_max_memberships value '5' set system sysctl parameter net.ipv4.ipfrag_time value '4' set system sysctl parameter net.mpls.default_ttl value '10' set system sysctl parameter net.mpls.ip_ttl_propagate value '0' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system time-zone 'Europe/Berlin' diff --git a/smoketest/config-tests/pppoe-server b/smoketest/config-tests/pppoe-server index 34fbea215..e488fc746 100644 --- a/smoketest/config-tests/pppoe-server +++ b/smoketest/config-tests/pppoe-server @@ -43,5 +43,5 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/qos-basic b/smoketest/config-tests/qos-basic index 0e198b80c..655a5794e 100644 --- a/smoketest/config-tests/qos-basic +++ b/smoketest/config-tests/qos-basic @@ -71,5 +71,5 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$r/Yw/07NXNY$/ZB.Rjf9jxEV.BYoDyLdH.kH14rU52pOBtrX.4S34qlPt77chflCHvpTCq9a6huLzwaMR50rEICzA5GoIRZlM0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/rip-router b/smoketest/config-tests/rip-router index 829aafbd5..d22f424a5 100644 --- a/smoketest/config-tests/rip-router +++ b/smoketest/config-tests/rip-router @@ -79,5 +79,5 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/rpki-only b/smoketest/config-tests/rpki-only index dcbc7673d..f3e2a74b9 100644 --- a/smoketest/config-tests/rpki-only +++ b/smoketest/config-tests/rpki-only @@ -38,5 +38,5 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$r/Yw/07NXNY$/ZB.Rjf9jxEV.BYoDyLdH.kH14rU52pOBtrX.4S34qlPt77chflCHvpTCq9a6huLzwaMR50rEICzA5GoIRZlM0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'debug' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'debug' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/static-route-basic b/smoketest/config-tests/static-route-basic index d2d33d043..a6135d2c4 100644 --- a/smoketest/config-tests/static-route-basic +++ b/smoketest/config-tests/static-route-basic @@ -32,6 +32,6 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system time-zone 'Asia/Macau' diff --git a/smoketest/config-tests/tunnel-broker b/smoketest/config-tests/tunnel-broker index ee6301c85..5518c303b 100644 --- a/smoketest/config-tests/tunnel-broker +++ b/smoketest/config-tests/tunnel-broker @@ -71,5 +71,5 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' diff --git a/smoketest/config-tests/vpn-openconnect-sstp b/smoketest/config-tests/vpn-openconnect-sstp index 28d7d5daa..e7969f633 100644 --- a/smoketest/config-tests/vpn-openconnect-sstp +++ b/smoketest/config-tests/vpn-openconnect-sstp @@ -16,8 +16,8 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set vpn openconnect authentication local-users username test password 'test' set vpn openconnect authentication mode local 'password' set vpn openconnect network-settings client-ip-settings subnet '192.168.160.0/24' diff --git a/smoketest/config-tests/vrf-basic b/smoketest/config-tests/vrf-basic index 1d2874a60..0c4e49c52 100644 --- a/smoketest/config-tests/vrf-basic +++ b/smoketest/config-tests/vrf-basic @@ -35,8 +35,8 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system time-zone 'Europe/Berlin' set vrf name green protocols static route 20.0.0.0/8 next-hop 1.1.1.1 interface 'eth1' set vrf name green protocols static route 20.0.0.0/8 next-hop 1.1.1.1 vrf 'default' diff --git a/smoketest/config-tests/vrf-bgp-pppoe-underlay b/smoketest/config-tests/vrf-bgp-pppoe-underlay index bd64c914a..e3c765a9a 100644 --- a/smoketest/config-tests/vrf-bgp-pppoe-underlay +++ b/smoketest/config-tests/vrf-bgp-pppoe-underlay @@ -143,8 +143,8 @@ set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' set system name-server '192.168.0.1' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system time-zone 'Europe/Berlin' set vrf bind-to-all set vrf name vyos-test-01 protocols bgp address-family ipv4-unicast network 100.64.50.0/23 diff --git a/smoketest/config-tests/vrf-ospf b/smoketest/config-tests/vrf-ospf index fd14615e0..53207d565 100644 --- a/smoketest/config-tests/vrf-ospf +++ b/smoketest/config-tests/vrf-ospf @@ -28,8 +28,8 @@ set system console device ttyS0 speed '115200' set system host-name 'vyos' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' set system login user vyos authentication plaintext-password '' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system time-zone 'Europe/Berlin' set vrf name blue protocols ospf area 0 network '172.18.201.0/24' set vrf name blue protocols ospf interface eth2 authentication md5 key-id 30 md5-key 'vyoskey456' diff --git a/smoketest/config-tests/wireless-basic b/smoketest/config-tests/wireless-basic index d9e6c8fac..e424b2b0f 100644 --- a/smoketest/config-tests/wireless-basic +++ b/smoketest/config-tests/wireless-basic @@ -20,6 +20,6 @@ set system console device ttyS0 speed '115200' set system domain-name 'dev.vyos.net' set system host-name 'WR1' set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' -set system syslog global facility all level 'info' -set system syslog global facility local7 level 'debug' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' set system wireless country-code 'es' diff --git a/smoketest/configs/basic-vyos b/smoketest/configs/basic-vyos index 527e620da..a6cd3b6e1 100644 --- a/smoketest/configs/basic-vyos +++ b/smoketest/configs/basic-vyos @@ -254,6 +254,7 @@ system { format { octet-counted } + protocol tcp port 8000 } } diff --git a/smoketest/scripts/cli/test_system_syslog.py b/smoketest/scripts/cli/test_system_syslog.py index 1233bf12b..5a09fab18 100755 --- a/smoketest/scripts/cli/test_system_syslog.py +++ b/smoketest/scripts/cli/test_system_syslog.py @@ -89,7 +89,7 @@ class TestRSYSLOGService(VyOSUnitTestSHIM.TestCase): for tmp, tmp_options in facility.items(): level = tmp_options['level'] - self.cli_set(base_path + ['global', 'facility', tmp, 'level', level]) + self.cli_set(base_path + ['local', 'facility', tmp, 'level', level]) self.cli_commit() diff --git a/src/conf_mode/system_syslog.py b/src/conf_mode/system_syslog.py index 6f6546fd1..f27c27e0b 100755 --- a/src/conf_mode/system_syslog.py +++ b/src/conf_mode/system_syslog.py @@ -50,8 +50,8 @@ def get_config(config=None): if tmp: syslog.update({'restart_required': {}}) syslog = conf.merge_defaults(syslog, recursive=True) - if syslog.from_defaults(['global']): - del syslog['global'] + if syslog.from_defaults(['local']): + del syslog['local'] if 'preserve_fqdn' in syslog: if conf.exists(['system', 'host-name']): diff --git a/src/migration-scripts/system/28-to-29 b/src/migration-scripts/system/28-to-29 index 9716e9e90..2ccd4b9c0 100644 --- a/src/migration-scripts/system/28-to-29 +++ b/src/migration-scripts/system/28-to-29 @@ -37,8 +37,9 @@ def migrate(config: ConfigTree) -> None: # Move "global preserve-fqdn" one CLI level up, as it relates to all # logging targets (console, global and remote) - if config.exists(base + ['global', 'preserve-fqdn']): - config.delete(base + ['global', 'preserve-fqdn']) + preserve_fqdn_base = base + ['global', 'preserve-fqdn'] + if config.exists(preserve_fqdn_base): + config.delete(preserve_fqdn_base) config.set(base + ['preserve-fqdn']) # Move "global marker" one CLI level up, as it relates to all @@ -48,6 +49,11 @@ def migrate(config: ConfigTree) -> None: config.copy(marker_base, base + ['marker']) config.delete(marker_base) + # Rename "global" -> "local" as this describes what is logged locally + # on the router to a file on the filesystem + if config.exists(base + ['global']): + config.rename(base + ['global'], 'local') + # Rename host x.x.x.x -> remote x.x.x.x if config.exists(base + ['host']): config.set(base + ['remote']) -- cgit v1.2.3 From 5a7a9f3a20e19a52572ce1b9b214528b6ce958ce Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Sat, 18 Jan 2025 20:28:16 +0100 Subject: syslog: T6989: add possibility to define VRF per remote Rsyslog supports individual VRFs per omfwd remote entry - so we should support this, too. --- data/templates/rsyslog/rsyslog.conf.j2 | 10 ++--- interface-definitions/system_syslog.xml.in | 14 +++--- smoketest/config-tests/basic-syslog | 25 +++++++++++ smoketest/configs/basic-syslog | 70 +++++++++++++++++++++++++++++ smoketest/scripts/cli/test_system_syslog.py | 65 ++++++++++++++++++++++++++- src/conf_mode/system_syslog.py | 46 +++++++++---------- src/migration-scripts/system/28-to-29 | 7 +++ 7 files changed, 201 insertions(+), 36 deletions(-) create mode 100644 smoketest/config-tests/basic-syslog create mode 100644 smoketest/configs/basic-syslog (limited to 'src/conf_mode') diff --git a/data/templates/rsyslog/rsyslog.conf.j2 b/data/templates/rsyslog/rsyslog.conf.j2 index daaafa6d1..45742b073 100644 --- a/data/templates/rsyslog/rsyslog.conf.j2 +++ b/data/templates/rsyslog/rsyslog.conf.j2 @@ -106,12 +106,11 @@ if prifilt("{{ tmp | join(',') }}") then { template="SyslogProtocol23Format" {% endif %} TCP_Framing="{{ 'octed-counted' if remote_options.format.octet_counted is vyos_defined else 'traditional' }}" -{% if source_address is vyos_defined %} - # Sender IP address - Address="{{ source_address }}" +{% if remote_options.source_address is vyos_defined %} + Address="{{ remote_options.source_address }}" {% endif %} -{% if vrf is vyos_defined %} - Device="{{ vrf }}" +{% if remote_options.vrf is vyos_defined %} + Device="{{ remote_options.vrf }}" {% endif %} ) } @@ -121,3 +120,4 @@ if prifilt("{{ tmp | join(',') }}") then { # Include all configuration files in /etc/rsyslog.d/ include(file="/etc/rsyslog.d/*.conf") + diff --git a/interface-definitions/system_syslog.xml.in b/interface-definitions/system_syslog.xml.in index 0dbf5d497..91fb680e0 100644 --- a/interface-definitions/system_syslog.xml.in +++ b/interface-definitions/system_syslog.xml.in @@ -38,11 +38,6 @@ - #include - - 514 - - #include #include @@ -63,6 +58,13 @@ + #include + + 514 + + #include + #include + #include @@ -100,8 +102,6 @@ - #include - #include diff --git a/smoketest/config-tests/basic-syslog b/smoketest/config-tests/basic-syslog new file mode 100644 index 000000000..349d642fd --- /dev/null +++ b/smoketest/config-tests/basic-syslog @@ -0,0 +1,25 @@ +set interfaces ethernet eth0 duplex 'auto' +set interfaces ethernet eth0 speed 'auto' +set interfaces ethernet eth1 address '172.16.33.154/24' +set interfaces ethernet eth1 duplex 'auto' +set interfaces ethernet eth1 speed 'auto' +set interfaces ethernet eth1 vrf 'red' +set system console device ttyS0 speed '115200' +set system domain-name 'vyos-ci-test.net' +set system host-name 'vyos' +set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0' +set system login user vyos authentication plaintext-password '' +set system syslog local facility all level 'info' +set system syslog local facility local7 level 'debug' +set system syslog marker interval '999' +set system syslog preserve-fqdn +set system syslog remote syslog01.vyos.net facility local7 level 'notice' +set system syslog remote syslog01.vyos.net port '8000' +set system syslog remote syslog01.vyos.net vrf 'red' +set system syslog remote syslog02.vyos.net facility all level 'debug' +set system syslog remote syslog02.vyos.net format include-timezone +set system syslog remote syslog02.vyos.net format octet-counted +set system syslog remote syslog02.vyos.net port '8001' +set system syslog remote syslog02.vyos.net protocol 'tcp' +set system syslog remote syslog02.vyos.net vrf 'red' +set vrf name red table '12321' diff --git a/smoketest/configs/basic-syslog b/smoketest/configs/basic-syslog new file mode 100644 index 000000000..9336b73bc --- /dev/null +++ b/smoketest/configs/basic-syslog @@ -0,0 +1,70 @@ +interfaces { + ethernet eth0 { + duplex "auto" + speed "auto" + } + ethernet eth1 { + address 172.16.33.154/24 + duplex auto + speed auto + vrf red + } +} +system { + console { + device ttyS0 { + speed 115200 + } + } + domain-name vyos-ci-test.net + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0 + plaintext-password "" + } + } + } + syslog { + global { + facility all { + level info + } + facility local7 { + level debug + } + marker { + interval 999 + } + preserve-fqdn + } + host syslog01.vyos.net { + facility local7 { + level notice + } + port 8000 + } + host syslog02.vyos.net { + facility all { + level debug + } + format { + include-timezone + octet-counted + } + protocol tcp + port 8001 + } + vrf red + } +} +vrf { + name red { + table 12321 + } +} + +// Warning: Do not remove the following line. +// vyos-config-version: "bgp@5:broadcast-relay@1:cluster@2:config-management@1:conntrack@5:conntrack-sync@2:container@2:dhcp-relay@2:dhcp-server@8:dhcpv6-server@1:dns-dynamic@4:dns-forwarding@4:firewall@15:flow-accounting@1:https@6:ids@1:interfaces@32:ipoe-server@3:ipsec@13:isis@3:l2tp@9:lldp@2:mdns@1:monitoring@1:nat@8:nat66@3:ntp@3:openconnect@3:ospf@2:pim@1:policy@8:pppoe-server@10:pptp@5:qos@2:quagga@11:reverse-proxy@1:rip@1:rpki@2:salt@1:snmp@3:ssh@2:sstp@6:system@27:vrf@3:vrrp@4:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2" +// Release version: 1.4.0 diff --git a/smoketest/scripts/cli/test_system_syslog.py b/smoketest/scripts/cli/test_system_syslog.py index 5a09fab18..bf6d3134d 100755 --- a/smoketest/scripts/cli/test_system_syslog.py +++ b/smoketest/scripts/cli/test_system_syslog.py @@ -14,7 +14,6 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -import re import unittest from base_vyostest_shim import VyOSUnitTestSHIM @@ -47,6 +46,7 @@ class TestRSYSLOGService(VyOSUnitTestSHIM.TestCase): # ensure we can also run this test on a live system - so lets clean # out the current configuration :) cls.cli_delete(cls, base_path) + cls.cli_delete(cls, ['vrf']) def tearDown(self): # Check for running process @@ -204,5 +204,68 @@ class TestRSYSLOGService(VyOSUnitTestSHIM.TestCase): else: self.assertIn( ' TCP_Framing="traditional"', config) + def test_vrf_source_address(self): + rhosts = { + '169.254.0.10': { }, + '169.254.0.11': { + 'vrf': {'name' : 'red', 'table' : '12321'}, + 'source_address' : '169.254.0.11', + }, + '169.254.0.12': { + 'vrf': {'name' : 'green', 'table' : '12322'}, + 'source_address' : '169.254.0.12', + }, + '169.254.0.13': { + 'vrf': {'name' : 'blue', 'table' : '12323'}, + 'source_address' : '169.254.0.13', + }, + } + + for remote, remote_options in rhosts.items(): + remote_base = base_path + ['remote', remote] + self.cli_set(remote_base + ['facility', 'all']) + + vrf = None + if 'vrf' in remote_options: + vrf = remote_options['vrf']['name'] + self.cli_set(['vrf', 'name', vrf, 'table', remote_options['vrf']['table']]) + self.cli_set(remote_base + ['vrf', vrf]) + + if 'source_address' in remote_options: + source_address = remote_options['source_address'] + self.cli_set(remote_base + ['source-address', source_address]) + + idx = source_address.split('.')[-1] + self.cli_set(['interfaces', 'dummy', f'dum{idx}', 'address', f'{source_address}/32']) + if vrf: + self.cli_set(['interfaces', 'dummy', f'dum{idx}', 'vrf', vrf]) + + + self.cli_commit() + config = read_file(RSYSLOG_CONF) + + for remote, remote_options in rhosts.items(): + config = get_config(f'# Remote syslog to {remote}') + + self.assertIn(f'target="{remote}"', config) + if 'vrf' in remote_options: + vrf = remote_options['vrf']['name'] + self.assertIn(f'Device="{vrf}"', config) + + if 'source_address' in remote_options: + source_address = remote_options['source_address'] + self.assertIn(f'Address="{source_address}"', config) + + # Cleanup VRF/Dummy interfaces + for remote, remote_options in rhosts.items(): + if 'vrf' in remote_options: + vrf = remote_options['vrf']['name'] + self.cli_delete(['vrf', 'name', vrf]) + + if 'source_address' in remote_options: + source_address = remote_options['source_address'] + idx = source_address.split('.')[-1] + self.cli_delete(['interfaces', 'dummy', f'dum{idx}']) + if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/src/conf_mode/system_syslog.py b/src/conf_mode/system_syslog.py index f27c27e0b..00c571ea9 100755 --- a/src/conf_mode/system_syslog.py +++ b/src/conf_mode/system_syslog.py @@ -20,11 +20,12 @@ from sys import exit from vyos.base import Warning from vyos.config import Config -from vyos.configdict import is_node_changed from vyos.configverify import verify_vrf from vyos.utils.network import is_addr_assigned from vyos.utils.process import call from vyos.template import render +from vyos.template import is_ipv4 +from vyos.template import is_ipv6 from vyos import ConfigError from vyos import airbag airbag.enable() @@ -46,9 +47,6 @@ def get_config(config=None): syslog.update({ 'logrotate' : logrotate_conf }) - tmp = is_node_changed(conf, base + ['vrf']) - if tmp: syslog.update({'restart_required': {}}) - syslog = conf.merge_defaults(syslog, recursive=True) if syslog.from_defaults(['local']): del syslog['local'] @@ -74,19 +72,26 @@ def verify(syslog): Warning('No "system domain-name" defined - cannot set syslog FQDN!') if 'remote' in syslog: - for host, host_options in syslog['remote'].items(): - if 'protocol' in host_options and host_options['protocol'] == 'udp': - if 'format' in host_options and 'octet_counted' in host_options['format']: - Warning(f'Syslog UDP transport for "{host}" should not use octet-counted format!') - - verify_vrf(syslog) - - if 'source_address' in syslog: - syslog_vrf = None - if 'vrf' in syslog: - syslog_vrf = syslog['vrf'] - if not is_addr_assigned(syslog['source_address'], syslog_vrf): - raise ConfigError('No interface with given address specified!') + for remote, remote_options in syslog['remote'].items(): + if 'protocol' in remote_options and remote_options['protocol'] == 'udp': + if 'format' in remote_options and 'octet_counted' in remote_options['format']: + Warning(f'Syslog UDP transport for "{remote}" should not use octet-counted format!') + + if 'vrf' in remote_options: + verify_vrf(remote_options) + + if 'source_address' in remote_options: + vrf = None + if 'vrf' in remote_options: + vrf = remote_options['vrf'] + if not is_addr_assigned(remote_options['source_address'], vrf): + raise ConfigError('No interface with given address specified!') + + source_address = remote_options['source_address'] + if ((is_ipv4(remote) and is_ipv6(source_address)) or + (is_ipv6(remote) and is_ipv4(source_address))): + raise ConfigError(f'Source-address "{source_address}" does not match '\ + f'address-family of remote "{remote}"!') def generate(syslog): if not syslog: @@ -108,12 +113,7 @@ def apply(syslog): call(f'systemctl stop {systemd_service} {systemd_socket}') return None - # we need to restart the service if e.g. the VRF name changed - systemd_action = 'reload-or-restart' - if 'restart_required' in syslog: - systemd_action = 'restart' - - call(f'systemctl {systemd_action} {systemd_service}') + call(f'systemctl reload-or-restart {systemd_service}') return None if __name__ == '__main__': diff --git a/src/migration-scripts/system/28-to-29 b/src/migration-scripts/system/28-to-29 index 2ccd4b9c0..ccf7056c4 100644 --- a/src/migration-scripts/system/28-to-29 +++ b/src/migration-scripts/system/28-to-29 @@ -54,6 +54,11 @@ def migrate(config: ConfigTree) -> None: if config.exists(base + ['global']): config.rename(base + ['global'], 'local') + vrf = '' + if config.exists(base + ['vrf']): + vrf = config.return_value(base + ['vrf']) + config.delete(base + ['vrf']) + # Rename host x.x.x.x -> remote x.x.x.x if config.exists(base + ['host']): config.set(base + ['remote']) @@ -61,4 +66,6 @@ def migrate(config: ConfigTree) -> None: for remote in config.list_nodes(base + ['host']): config.copy(base + ['host', remote], base + ['remote', remote]) config.set_tag(base + ['remote']) + if vrf: + config.set(base + ['remote', remote, 'vrf'], value=vrf) config.delete(base + ['host']) -- cgit v1.2.3 From cf7721f7d5345e484e0c57b643913d2353dca6f5 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Sun, 2 Feb 2025 21:40:46 +0100 Subject: defaults: T6989: provide single source of systemd services Some systemd services are re-used over multiple configuration files. Keep a single source of the real systemd names and only reference them by dictionary keys. --- python/vyos/defaults.py | 7 ++++++- src/conf_mode/service_snmp.py | 3 ++- src/conf_mode/system_host-name.py | 9 ++++++--- src/conf_mode/system_syslog.py | 6 ++++-- 4 files changed, 18 insertions(+), 7 deletions(-) (limited to 'src/conf_mode') diff --git a/python/vyos/defaults.py b/python/vyos/defaults.py index 9757a34df..89e51707b 100644 --- a/python/vyos/defaults.py +++ b/python/vyos/defaults.py @@ -1,4 +1,4 @@ -# Copyright 2018-2024 VyOS maintainers and contributors +# Copyright 2018-2025 VyOS maintainers and contributors # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public @@ -40,6 +40,11 @@ directories = { 'ca_certificates' : '/usr/local/share/ca-certificates/vyos' } +systemd_services = { + 'rsyslog' : 'rsyslog.service', + 'snmpd' : 'snmpd.service', +} + config_status = '/tmp/vyos-config-status' api_config_state = '/run/http-api-state' frr_debug_enable = '/tmp/vyos.frr.debug' diff --git a/src/conf_mode/service_snmp.py b/src/conf_mode/service_snmp.py index 1174b1238..d85f20820 100755 --- a/src/conf_mode/service_snmp.py +++ b/src/conf_mode/service_snmp.py @@ -22,6 +22,7 @@ from vyos.base import Warning from vyos.config import Config from vyos.configdict import dict_merge from vyos.configverify import verify_vrf +from vyos.defaults import systemd_services from vyos.snmpv3_hashgen import plaintext_to_md5 from vyos.snmpv3_hashgen import plaintext_to_sha1 from vyos.snmpv3_hashgen import random @@ -43,7 +44,7 @@ config_file_access = r'/usr/share/snmp/snmpd.conf' config_file_user = r'/var/lib/snmp/snmpd.conf' default_script_dir = r'/config/user-data/' systemd_override = r'/run/systemd/system/snmpd.service.d/override.conf' -systemd_service = 'snmpd.service' +systemd_service = systemd_services['snmpd'] def get_config(config=None): if config: diff --git a/src/conf_mode/system_host-name.py b/src/conf_mode/system_host-name.py index 3f245f166..fef034d1c 100755 --- a/src/conf_mode/system_host-name.py +++ b/src/conf_mode/system_host-name.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2018-2024 VyOS maintainers and contributors +# Copyright (C) 2018-2025 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -23,6 +23,7 @@ import vyos.hostsd_client from vyos.base import Warning from vyos.config import Config from vyos.configdict import leaf_node_changed +from vyos.defaults import systemd_services from vyos.ifconfig import Section from vyos.template import is_ip from vyos.utils.process import cmd @@ -174,11 +175,13 @@ def apply(config): # Restart services that use the hostname if hostname_new != hostname_old: - call("systemctl restart rsyslog.service") + tmp = systemd_services['rsyslog'] + call(f'systemctl restart {tmp}') # If SNMP is running, restart it too if process_named_running('snmpd') and config['snmpd_restart_reqired']: - call('systemctl restart snmpd.service') + tmp = systemd_services['snmpd'] + call(f'systemctl restart {tmp}') return None diff --git a/src/conf_mode/system_syslog.py b/src/conf_mode/system_syslog.py index 00c571ea9..414bd4b6b 100755 --- a/src/conf_mode/system_syslog.py +++ b/src/conf_mode/system_syslog.py @@ -21,6 +21,7 @@ from sys import exit from vyos.base import Warning from vyos.config import Config from vyos.configverify import verify_vrf +from vyos.defaults import systemd_services from vyos.utils.network import is_addr_assigned from vyos.utils.process import call from vyos.template import render @@ -33,6 +34,9 @@ airbag.enable() rsyslog_conf = '/run/rsyslog/rsyslog.conf' logrotate_conf = '/etc/logrotate.d/vyos-rsyslog' +systemd_socket = 'syslog.socket' +systemd_service = systemd_services['rsyslog'] + def get_config(config=None): if config: conf = config @@ -107,8 +111,6 @@ def generate(syslog): return None def apply(syslog): - systemd_socket = 'syslog.socket' - systemd_service = 'syslog.service' if not syslog: call(f'systemctl stop {systemd_service} {systemd_socket}') return None -- cgit v1.2.3