Rewrite op-mode IPsec commands to vyos.opmode format
show vpn ipsec sa
Rewrite op-mode IPsec commands to vyos.opmode format
show vpn ipsec sa
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Open | FEATURE REQUEST | None | T4564 Root task for rewriting [op-mode] to vyos.opmode format | ||
Resolved | FEATURE REQUEST | Viacheslav | T4594 Rewrite op-mode IPsec to vyos.opmode format |
PR https://github.com/vyos/vyos-1x/pull/1458
Formatted output
vyos@r14:~$ show vpn ipsec sa Connection State Uptime Bytes In/Out Packets In/Out Remote address Remote ID Proposal ------------------------- ------- -------- -------------- ---------------- ---------------- ----------- --------------------------------------- peer_2001-db8--2_tunnel_0 up 9m15s 0B/0B 0/0 2001:db8::2 2001:db8::2 AES_CBC_256/HMAC_SHA2_256_128/MODP_2048 peer_2001-db8--2_tunnel_0 up 24m9s 0B/0B 0/0 2001:db8::2 2001:db8::2 AES_CBC_256/HMAC_SHA2_256_128/MODP_2048 vyos@r14:~$
Raw data:
vyos@r14:~$ sudo /usr/libexec/vyos/op_mode/ipsec.py show_sa --raw [ { "peer_2001-db8--2": { "uniqueid": "3", "version": "2", "state": "ESTABLISHED", "local-host": "2001:db8::1", "local-port": "500", "local-id": "2001:db8::1", "remote-host": "2001:db8::2", "remote-port": "500", "remote-id": "2001:db8::2", "initiator-spi": "ea83139761112ad3", "responder-spi": "d6889910a3089834", "encr-alg": "AES_CBC", "encr-keysize": "256", "integ-alg": "HMAC_SHA2_256_128", "prf-alg": "PRF_HMAC_SHA2_256", "dh-group": "MODP_2048", "established": "1683", "rekey-time": "77805", "child-sas": { "peer_2001-db8--2_tunnel_0-826": { "name": "peer_2001-db8--2_tunnel_0", "uniqueid": "826", "reqid": "1", "state": "INSTALLED", "mode": "TUNNEL", "protocol": "ESP", "spi-in": "c8470a07", "spi-out": "cd671026", "encr-alg": "AES_CBC", "encr-keysize": "256", "integ-alg": "HMAC_SHA2_256_128", "dh-group": "MODP_2048", "bytes-in": "0", "packets-in": "0", "bytes-out": "0", "packets-out": "0", "rekey-time": "1164", "life-time": "27303", "install-time": "1497", "local-ts": [ "2001:db8:1111::/64" ], "remote-ts": [ "2001:db8:2222::/64" ] }, "peer_2001-db8--2_tunnel_0-961": { "name": "peer_2001-db8--2_tunnel_0", "uniqueid": "961", "reqid": "1", "state": "INSTALLED", "mode": "TUNNEL", "protocol": "ESP", "spi-in": "c0f1d7ac", "spi-out": "c079e41f", "encr-alg": "AES_CBC", "encr-keysize": "256", "integ-alg": "HMAC_SHA2_256_128", "dh-group": "MODP_2048", "bytes-in": "0", "packets-in": "0", "bytes-out": "0", "packets-out": "0", "rekey-time": "1810", "life-time": "28197", "install-time": "603", "local-ts": [ "2001:db8:1111::/64" ], "remote-ts": [ "2001:db8:2222::/64" ] } } } } ] vyos@r14:~$
Graphql query:
curl --raw 'https://localhost/graphql' \ -H 'Content-Type: application/json' \ -d '{"query":" {ShowSaIpsec (data: {key: \"foo\"}) {success errors data {result}}}"}' {"data":{"ShowSaIpsec":{"success":true,"errors":null,"data":{"result":[{"peer_2001-db8--2":{"uniqueid":"3","version":"2","state":"ESTABLISHED","local-host":"2001:db8::1","local-port":"500","local-id":"2001:db8::1","remote-host":"2001:db8::2","remote-port":"500","remote-id":"2001:db8::2","initiator-spi":"ea83139761112ad3","responder-spi":"d6889910a3089834","encr-alg":"AES_CBC","encr-keysize":"256","integ-alg":"HMAC_SHA2_256_128","prf-alg":"PRF_HMAC_SHA2_256","dh-group":"MODP_2048","established":"931","rekey-time":"78557","child-sas":{"peer_2001-db8--2_tunnel_0-783":{"name":"peer_2001-db8--2_tunnel_0","uniqueid":"783","reqid":"1","state":"INSTALLED","mode":"TUNNEL","protocol":"ESP","spi-in":"cee3bc5c","spi-out":"c856f615","encr-alg":"AES_CBC","encr-keysize":"256","integ-alg":"HMAC_SHA2_256_128","dh-group":"MODP_2048","bytes-in":"0","packets-in":"0","bytes-out":"0","packets-out":"0","rekey-time":"3","life-time":"27959","install-time":"841","local-ts":["2001:db8:1111::/64"],"remote-ts":["2001:db8:2222::/64"]},"peer_2001-db8--2_tunnel_0-826":{"name":"peer_2001-db8--2_tunnel_0","uniqueid":"826","reqid":"1","state":"INSTALLED","mode":"TUNNEL","protocol":"ESP","spi-in":"c8470a07","spi-out":"cd671026","encr-alg":"AES_CBC","encr-keysize":"256","integ-alg":"HMAC_SHA2_256_128","dh-group":"MODP_2048","bytes-in":"0","packets-in":"0","bytes-out":"0","packets-out":"0","rekey-time":"1916","life-time":"28055","install-time":"745","local-ts":["2001:db8:1111::/64"],"remote-ts":["2001:db8:2222::/64"]}}}}]}}}}