Page MenuHomeVyOS Platform
Create Task
Maniphest T6127

Ability to view logs for rules with Offload not functional
Closed, ResolvedPublicBUG
Actions

Description

If you attempt to view the log for a rule with an action of offload, the current 'egrep' string does not match the 'O' character, which prevents the log entries from showing. Adding 'O' to the 'ADRJC' portion allows the log messages to show.

set ipv4 forward filter rule 1 action 'offload'
set ipv4 forward filter rule 1 log
set ipv4 forward filter rule 1 offload-target 'OT1'
set ipv4 forward filter rule 1 state 'established'
set ipv4 forward filter rule 1 state 'related'

root@R86S:/opt/vyatta/share/vyatta-op/templates/show/log/firewall/ipv4/forward/filter/rule/node.tag# cat node.def 
help: Show log for a rule in the specified firewall
allowed: /bin/cli-shell-api listActiveNodes firewall ipv4 forward filter rule | sed -e "s/'//g" && echo
run: journalctl --no-hostname --boot -k | egrep "\[ipv4-FWD-filter-$8-[ADRJC]\]"

l0crian@R86S# run show log firewall ipv4 forward filter rule 1
[edit]

root@R86S:/opt/vyatta/share/vyatta-op/templates/show/log/firewall/ipv4/forward/filter/rule/node.tag# cat node.def 
help: Show log for a rule in the specified firewall
allowed: /bin/cli-shell-api listActiveNodes firewall ipv4 forward filter rule | sed -e "s/'//g" && echo
run: journalctl --no-hostname --boot -k | egrep "\[ipv4-FWD-filter-$8-[ADRJCO]\]"

l0crian@R86S# run show log firewall ipv4 forward filter rule 1
additional log messages omitted ..............................
Mar 15 21:53:52 kernel: [ipv4-FWD-filter-1-O]IN=eth0.4040 OUT=eth6.......................

Details

Difficulty level
Easy (less than an hour)
Version
1.4.0-epa2
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Improvement (missing useful functionality)

Event Timeline

L0crian created this task.Mar 15 2024, 10:06 PM
L0crian renamed this task from Ability to view logs for rules with Offload not available to Ability to view logs for rules with Offload not functional.Mar 15 2024, 10:09 PM
L0crian added a comment.Mar 15 2024, 10:33 PM

Should add the ability to view the default action log would be nice as well.

pasik added a subscriber: pasik.Mar 16 2024, 9:15 AM
Viacheslav added a subscriber: Viacheslav.Mar 18 2024, 9:27 AM

@L0crian could you add the PR? https://github.com/vyos/vyos-1x/blob/987b7e599fda2c468773cf31d92d976cd96c3e41/op-mode-definitions/show-log.xml.in#L222

Viacheslav triaged this task as High priority.Mar 18 2024, 9:27 AM
L0crian claimed this task.Mar 18 2024, 2:38 PM
L0crian added a comment.Mar 18 2024, 2:40 PM

@Viacheslav I'm not super familiar with git, so hopefully I did everything correctly. Here is the PR:
https://github.com/vyos/vyos-1x/pull/3145

c-po added a project: VyOS 1.5 Circinus.Mar 18 2024, 7:50 PM
Viacheslav closed this task as Resolved.Mar 19 2024, 7:17 AM
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.5 Circinus board.
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0) board.