Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

T4576: Accel-ppp logging level configuration (backport #3510) #3558

Merged
merged 1 commit into from
May 30, 2024
Merged

T4576: Accel-ppp logging level configuration (backport #3510) #3558

merged 1 commit into from
May 30, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented May 30, 2024

add ability to change logging level config for:

  • VPN L2TP
  • VPN PPTP
  • VPN SSTP
  • IPoE Server
  • PPPoE Serve

Change Summary

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes)
  • Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
  • Other (please describe):

Related Task(s)

Related PR(s)

Component(s) name

Proposed changes

How to test

Configure service e.g. VPN L2TP:

set vpn ipsec interface 'eth0'
set vpn l2tp remote-access authentication local-users username test password 'test'
set vpn l2tp remote-access authentication mode 'local'
set vpn l2tp remote-access client-ip-pool L2TP-POOL range '192.168.255.2-192.168.255.254'
set vpn l2tp remote-access default-pool 'L2TP-POOL'
set vpn l2tp remote-access gateway-address '192.168.255.1'
set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret'
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret 'test'
set vpn l2tp remote-access outside-address '192.168.122.166'

and connect to service:

vyos@vyos:~$ show l2tp-server sessions
 ifname | username |      ip       | ip6 | ip6-dp |  calling-sid  | rate-limit | state  |  uptime  | rx-bytes | tx-bytes 
--------+----------+---------------+-----+--------+---------------+------------+--------+----------+----------+----------
 l2tp0  | test     | 192.168.255.2 |     |        | 192.168.122.1 |            | active | 00:00:29 | 52 B     | 208 B

log level = 5

vyos@vyos:~$ journalctl --unit accel-ppp@l2tp.service
May 23 12:06:14 vyos systemd[1]: Stopping accel-ppp@l2tp.service - Accel-PPP - >
May 23 12:06:14 vyos accel-l2tp[2883]: terminate, sig = 15
May 23 12:06:15 vyos systemd[1]: accel-ppp@l2tp.service: Deactivated successful>
May 23 12:06:15 vyos systemd[1]: Stopped accel-ppp@l2tp.service - Accel-PPP - H>
May 23 12:06:15 vyos systemd[1]: Starting accel-ppp@l2tp.service - Accel-PPP - >
May 23 12:06:15 vyos systemd[1]: Started accel-ppp@l2tp.service - Accel-PPP - H>
May 23 12:06:15 vyos accel-l2tp[3925]: l2tp: iprange module disabled, improper >
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp: recv [L2TP tid=0 sid=0 Ns=0 Nr=0 <>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp: handling SCCRQ from 192.168.122.1
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp: new tunnel 48754-6741 created foll>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp session 48754-6741, 54439-63018: se>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp session 48754-6741, 54439-63018: ha>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: l2tp tunnel 48754-6741 (192.168.122.1:17>
May 23 12:06:45 vyos accel-l2tp[3925]: :: starting data channel for l2tp(192.16>
May 23 12:06:45 vyos accel-l2tp[3925]: :: lcp_layer_init
May 23 12:06:45 vyos accel-l2tp[3925]: :: auth_layer_init
May 23 12:06:45 vyos accel-l2tp[3925]: :: ccp_layer_init
May 23 12:06:45 vyos accel-l2tp[3925]: :: ipcp_layer_init
May 23 12:06:45 vyos accel-l2tp[3925]: :: ipv6cp_layer_init
May 23 12:06:45 vyos accel-l2tp[3925]: :: ppp establishing
May 23 12:06:45 vyos accel-l2tp[3925]: :: lcp_layer_start
May 23 12:06:45 vyos accel-l2tp[3925]: :: send [LCP ConfReq id=61 <auth PAP> <m>
May 23 12:06:45 vyos accel-l2tp[3925]: :: recv [LCP ConfReq id=1 <mru 1400> < 2>
May 23 12:06:45 vyos accel-l2tp[3925]: :: send [LCP ConfRej id=1 < 2 6 0 0 0 0 >
May 23 12:06:45 vyos accel-l2tp[3925]: :: recv [LCP ConfReq id=2 <mru 1400> <ma>
May 23 12:06:45 vyos accel-l2tp[3925]: :: send [LCP ConfAck id=2]
May 23 12:06:48 vyos accel-l2tp[3925]: :: fsm timeout 9

log level 0:

vyos@vyos# set vpn l2tp remote-access log level 0
[edit]
vyos@vyos# commit
[edit]
vyos@vyos# journalctl --unit accel-ppp@l2tp.service
May 23 12:10:10 vyos systemd[1]: Stopping accel-ppp@l2tp.service - Accel-PPP - >
May 23 12:10:10 vyos accel-l2tp[3925]: terminate, sig = 15
May 23 12:10:11 vyos systemd[1]: accel-ppp@l2tp.service: Deactivated successful>
May 23 12:10:11 vyos systemd[1]: Stopped accel-ppp@l2tp.service - Accel-PPP - H>
May 23 12:10:11 vyos systemd[1]: Starting accel-ppp@l2tp.service - Accel-PPP - >
May 23 12:10:11 vyos systemd[1]: accel-ppp@l2tp.service: Can't open PID file /r>
May 23 12:10:11 vyos systemd[1]: Started accel-ppp@l2tp.service - Accel-PPP - H>

Smoketest result

vyos@vyos:~$ python3 /usr/libexec/vyos/tests/smoke/cli/test_vpn_l2tp.py 
test_accel_ipv4_pool (__main__.TestVPNL2TPServer.test_accel_ipv4_pool) ... ok
test_accel_ipv6_pool (__main__.TestVPNL2TPServer.test_accel_ipv6_pool) ... 
WARNING: IPv4 Server requires gateway-address to be configured!


WARNING: 'default-ipv6-pool' is not defined

ok
test_accel_limits (__main__.TestVPNL2TPServer.test_accel_limits) ... ok
test_accel_local_authentication (__main__.TestVPNL2TPServer.test_accel_local_authentication) ... 
User "test" has rate-limit configured for only one direction but both
upload and download must be given!

ok
test_accel_log_level (__main__.TestVPNL2TPServer.test_accel_log_level) ... ok
test_accel_name_servers (__main__.TestVPNL2TPServer.test_accel_name_servers) ... ok
test_accel_next_pool (__main__.TestVPNL2TPServer.test_accel_next_pool) ... 
WARNING: 'default-pool' is not defined

ok
test_accel_ppp_options (__main__.TestVPNL2TPServer.test_accel_ppp_options) ... ok
test_accel_radius_authentication (__main__.TestVPNL2TPServer.test_accel_radius_authentication) ... ok
test_accel_shaper (__main__.TestVPNL2TPServer.test_accel_shaper) ... ok
test_accel_snmp (__main__.TestVPNL2TPServer.test_accel_snmp) ... ok
test_accel_wins_server (__main__.TestVPNL2TPServer.test_accel_wins_server) ... ok
test_l2tp_radius_server (__main__.TestVPNL2TPServer.test_l2tp_radius_server) ... ok
test_l2tp_server_authentication_protocols (__main__.TestVPNL2TPServer.test_l2tp_server_authentication_protocols) ... ok
test_vpn_l2tp_dependence_ipsec_swanctl (__main__.TestVPNL2TPServer.test_vpn_l2tp_dependence_ipsec_swanctl) ... 
WARNING: 'default-pool' is not defined

ok

----------------------------------------------------------------------
Ran 15 tests in 81.208s

OK

vyos@vyos:~$ python3 /usr/libexec/vyos/tests/smoke/cli/test_vpn_pptp.py 
test_accel_ipv4_pool (__main__.TestVPNPPTPServer.test_accel_ipv4_pool) ... ok
test_accel_ipv6_pool (__main__.TestVPNPPTPServer.test_accel_ipv6_pool) ... 
WARNING: IPv4 Server requires gateway-address to be configured!


WARNING: 'default-ipv6-pool' is not defined

ok
test_accel_limits (__main__.TestVPNPPTPServer.test_accel_limits) ... ok
test_accel_local_authentication (__main__.TestVPNPPTPServer.test_accel_local_authentication) ... 
User "test" has rate-limit configured for only one direction but both
upload and download must be given!

ok
test_accel_log_level (__main__.TestVPNPPTPServer.test_accel_log_level) ... ok
test_accel_name_servers (__main__.TestVPNPPTPServer.test_accel_name_servers) ... ok
test_accel_next_pool (__main__.TestVPNPPTPServer.test_accel_next_pool) ... 
WARNING: 'default-pool' is not defined

ok
test_accel_ppp_options (__main__.TestVPNPPTPServer.test_accel_ppp_options) ... ok
test_accel_radius_authentication (__main__.TestVPNPPTPServer.test_accel_radius_authentication) ... ok
test_accel_shaper (__main__.TestVPNPPTPServer.test_accel_shaper) ... ok
test_accel_snmp (__main__.TestVPNPPTPServer.test_accel_snmp) ... ok
test_accel_wins_server (__main__.TestVPNPPTPServer.test_accel_wins_server) ... ok

----------------------------------------------------------------------
Ran 12 tests in 62.968s

OK

vyos@vyos:~$ python3 /usr/libexec/vyos/tests/smoke/cli/test_vpn_sstp.py 
test_accel_ipv4_pool (__main__.TestVPNSSTPServer.test_accel_ipv4_pool) ... PKI: Updating config: vpn sstp ssl certificate sstp
PKI: Updating config: vpn sstp ssl ca_certificate sstp
ok
test_accel_ipv6_pool (__main__.TestVPNSSTPServer.test_accel_ipv6_pool) ... 
WARNING: IPv4 Server requires gateway-address to be configured!


WARNING: 'default-ipv6-pool' is not defined

ok
test_accel_limits (__main__.TestVPNSSTPServer.test_accel_limits) ... ok
test_accel_local_authentication (__main__.TestVPNSSTPServer.test_accel_local_authentication) ... 
User "test" has rate-limit configured for only one direction but both
upload and download must be given!

ok
test_accel_log_level (__main__.TestVPNSSTPServer.test_accel_log_level) ... ok
test_accel_name_servers (__main__.TestVPNSSTPServer.test_accel_name_servers) ... ok
test_accel_next_pool (__main__.TestVPNSSTPServer.test_accel_next_pool) ... 
WARNING: 'default-pool' is not defined

ok
test_accel_ppp_options (__main__.TestVPNSSTPServer.test_accel_ppp_options) ... ok
test_accel_radius_authentication (__main__.TestVPNSSTPServer.test_accel_radius_authentication) ... ok
test_accel_shaper (__main__.TestVPNSSTPServer.test_accel_shaper) ... ok
test_accel_snmp (__main__.TestVPNSSTPServer.test_accel_snmp) ... ok
test_accel_wins_server (__main__.TestVPNSSTPServer.test_accel_wins_server) ... ok
test_sstp_host_name (__main__.TestVPNSSTPServer.test_sstp_host_name) ... ok

----------------------------------------------------------------------
Ran 13 tests in 60.533s

OK

vyos@vyos:~$ python3 /usr/libexec/vyos/tests/smoke/cli/test_service_pppoe-server.py 
test_accel_ipv4_pool (__main__.TestServicePPPoEServer.test_accel_ipv4_pool) ... ok
test_accel_ipv6_pool (__main__.TestServicePPPoEServer.test_accel_ipv6_pool) ... 
WARNING: IPv4 Server requires gateway-address to be configured!


WARNING: 'default-ipv6-pool' is not defined

ok
test_accel_limits (__main__.TestServicePPPoEServer.test_accel_limits) ... ok
test_accel_local_authentication (__main__.TestServicePPPoEServer.test_accel_local_authentication) ... 
User "test" has rate-limit configured for only one direction but both
upload and download must be given!

ok
test_accel_log_level (__main__.TestServicePPPoEServer.test_accel_log_level) ... ok
test_accel_name_servers (__main__.TestServicePPPoEServer.test_accel_name_servers) ... ok
test_accel_next_pool (__main__.TestServicePPPoEServer.test_accel_next_pool) ... 
WARNING: 'default-pool' is not defined

ok
test_accel_ppp_options (__main__.TestServicePPPoEServer.test_accel_ppp_options) ... ok
test_accel_radius_authentication (__main__.TestServicePPPoEServer.test_accel_radius_authentication) ... ok
test_accel_shaper (__main__.TestServicePPPoEServer.test_accel_shaper) ... ok
test_accel_snmp (__main__.TestServicePPPoEServer.test_accel_snmp) ... ok
test_accel_wins_server (__main__.TestServicePPPoEServer.test_accel_wins_server) ... ok
test_pppoe_limits (__main__.TestServicePPPoEServer.test_pppoe_limits) ... ok
test_pppoe_server_authentication_protocols (__main__.TestServicePPPoEServer.test_pppoe_server_authentication_protocols) ... ok
test_pppoe_server_pado_delay (__main__.TestServicePPPoEServer.test_pppoe_server_pado_delay) ... ok
test_pppoe_server_shaper (__main__.TestServicePPPoEServer.test_pppoe_server_shaper) ... ok
test_pppoe_server_vlan (__main__.TestServicePPPoEServer.test_pppoe_server_vlan) ... ok

----------------------------------------------------------------------
Ran 17 tests in 80.276s

OK

vyos@vyos:~$ python3 /usr/libexec/vyos/tests/smoke/cli/test_service_ipoe-server.py 
test_accel_ipv4_pool (__main__.TestServiceIPoEServer.test_accel_ipv4_pool) ... ok
test_accel_ipv6_pool (__main__.TestServiceIPoEServer.test_accel_ipv6_pool) ... 
WARNING: IPv4 Server requires gateway-address to be configured!


WARNING: 'default-ipv6-pool' is not defined

ok
test_accel_limits (__main__.TestServiceIPoEServer.test_accel_limits) ... ok
test_accel_local_authentication (__main__.TestServiceIPoEServer.test_accel_local_authentication) ... 
No IPoE interface configured

ok
test_accel_log_level (__main__.TestServiceIPoEServer.test_accel_log_level) ... ok
test_accel_name_servers (__main__.TestServiceIPoEServer.test_accel_name_servers) ... ok
test_accel_next_pool (__main__.TestServiceIPoEServer.test_accel_next_pool) ... 
WARNING: 'default-pool' is not defined

ok
test_accel_ppp_options (__main__.TestServiceIPoEServer.test_accel_ppp_options) ... skipped 'PPP is not a part of IPoE'
test_accel_radius_authentication (__main__.TestServiceIPoEServer.test_accel_radius_authentication) ... ok
test_accel_shaper (__main__.TestServiceIPoEServer.test_accel_shaper) ... ok
test_accel_snmp (__main__.TestServiceIPoEServer.test_accel_snmp) ... ok
test_accel_wins_server (__main__.TestServiceIPoEServer.test_accel_wins_server) ... skipped 'WINS server is not used in IPoE'

----------------------------------------------------------------------
Ran 12 tests in 45.621s

OK (skipped=2)

Checklist:

  • I have read the CONTRIBUTING document
  • I have linked this PR to one or more Phabricator Task(s)
  • I have run the components SMOKETESTS if applicable
  • My commit headlines contain a valid Task id
  • My change requires a change to the documentation
  • I have updated the documentation accordingly
This is an automatic backport of pull request #3510 done by [Mergify](https://mergify.com).

@HollyGurza @mergify
T4576: Accel-ppp logging level configuration
cbb0531 
add ability to change logging level config for:
* VPN L2TP
* VPN PPTP
* VPN SSTP
* IPoE Server
* PPPoE Serve

(cherry picked from commit 4d84f78)
@mergify mergify bot requested a review from a team as a code owner May 30, 2024 15:28
@mergify mergify bot mentioned this pull request May 30, 2024
Merged
12 tasks
@github-actions github-actions bot added the sagitta VyOS 1.4 LTS label May 30, 2024
@dmbaturin dmbaturin merged commit 1220c66 into sagitta May 30, 2024
6 checks passed
@mergify mergify bot deleted the mergify/bp/sagitta/pr-3510 branch May 30, 2024 15:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmbaturin dmbaturin dmbaturin approved these changes

@sever-sever sever-sever sever-sever approved these changes

@c-po c-po c-po approved these changes

@sarthurdev sarthurdev Awaiting requested review from sarthurdev sarthurdev is a code owner automatically assigned from vyos/reviewers

@zdc zdc Awaiting requested review from zdc zdc is a code owner automatically assigned from vyos/reviewers

@jestabro jestabro Awaiting requested review from jestabro jestabro is a code owner automatically assigned from vyos/reviewers

Assignees
No one assigned
Labels
sagitta VyOS 1.4 LTS
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dmbaturin @sever-sever @c-po @HollyGurza