vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-10-26 08:41:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

commandtree: remove as it's replaced by dynamic cmd-list

Browse Source
This commit is contained in:
Christian Poessinger 2020-01-22 20:06:42 +01:00
parent 19b7504f4c
commit 0c036b1eaa
4 changed files with 0 additions and 1000 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

542
docs/appendix/commandtree/configmode.rst
View File

@ -1,542 +0,0 @@
.. _commandtree_configmode:
Configuration mode
------------------
.. code-block:: none
confirm Confirm prior commit-confirm
comment Add comment to this configuration element
commit Commit the current set of changes
commit-confirm Commit the current set of changes with 'confirm' required
compare Compare configuration revisions
copy Copy a configuration element
delete Delete a configuration element
discard Discard uncommitted changes
edit Edit a sub-element
exit Exit from this configuration level
load Load configuration from a file and replace running configuration
loadkey Load user SSH key from a file
merge Load configuration from a file and merge running configuration
rename Rename a configuration element
rollback Rollback to a prior config revision (requires reboot)
run Run an operational-mode command
save Save configuration to a file
set Set the value of a parameter or create a new element
show Show the configuration (default values may be suppressed)
Confirm
^^^^^^^
The ``confirm`` command confirms the prior ``commit-confirm``.
Comment
^^^^^^^
The ``comment`` commands allow you to insert a comment above the current configuration section.
The command cannot be used at the top of the configuration hierarchy, only on subsections. Comments needs to be commited, just like other config changes.
To add a comment to a section, while being already at the proper section level:
.. code-block:: none
[edit <section>]
vyos@vyos# comment "Type Comment Here"
To add a comment directly to a section, from the top or a higher section:
.. code-block:: none
[edit]
vyos@vyos# comment <section> "Type Comment Here"
To remove a comment, add a blank comment to overwrite:
.. code-block:: none
[edit <section>]
vyos@vyos# comment ""
Examples
********
To add a comment to the "interfaces" section:
.. code-block:: none
[edit]
vyos@vyos# edit interfaces
[edit interfaces]
vyos@vyos# comment "Here is a comment"
[edit interfaces]
vyos@vyos# commit
The comment would then appear like this:
.. code-block:: none
[edit]
vyos@vyos# show
/* Here is a comment */
interfaces {
ethernet eth0 {
[...]
An important thing to note is that since the comment is added on top of the section, it will not appear if the ``show <section>`` command is used. With the above example, the ``show interfaces`` command would return starting after the "interfaces {" line, hiding the comment:
.. code-block:: none
[edit]
vyos@vyos# show interfaces
ethernet eth0 {
[...]
To add a comment to the interfaces section from the top:
.. code-block:: none
[edit]
vyos@vyos# comment interfaces "test"
The comment can be added to any node that already exists, even if it's multiple levels lower:
.. code-block:: none
[edit]
vyos@vyos# comment interfaces ethernet eth0 vif 222 address "Far down comment"
Commit
^^^^^^
The ``commit`` command commits the proposed changes to the configuration file.
Every changes done in the configuration session is only applied when the configuration is committed. To view the changes that will be applied, use the show command.
To discard the changes without committing, use the ``discard`` command. The ``commit`` command doesn't save the configuration, you need to manually use the ``save`` command.
The confirm keyword can be added, see ``commit-confirm``. A comment can be entered, it will appear in the commit log.
.. code-block:: none
[edit]
vyos@vyos# commit
Possible completions:
<Enter> Commit working configuration
comment Comment for commit log
Commit-confirm
^^^^^^^^^^^^^^
The ``commit-confirm`` command commits the proposed changes to the configuration file and starts a timer.
If the ``confirm`` command is not entered before the timer expiration, the configuration will be rolled back and VyOS will reboot.
The default timer value is 10 minutes, but a custom value can be entered.
.. code-block:: none
[edit]
vyos@vyos# commit-confirm
Possible completions:
<Enter> Commit, rollback/reboot in 10 minutes if no confirm
<N> Commit, rollback/reboot in N minutes if no confirm
comment Comment for commit log
Compare
^^^^^^^
VyOS maintains backups of previous configurations. To compare configuration revisions in configuration mode, use the compare command:
.. code-block:: none
[edit]
vyos@vyos# compare
Possible completions:
<Enter> Compare working & active configurations
saved Compare working & saved configurations
<N> Compare working with revision N
<N> <M> Compare revision N with M
Revisions:
0 2019-03-20 20:57:22 root by boot-config-loader
1 2019-03-15 20:00:04 root by boot-config-loader
2 2019-03-05 01:58:39 vyos by cli
3 2019-03-05 01:54:59 vyos by cli
4 2019-03-05 01:53:08 vyos by cli
5 2019-03-05 01:52:21 vyos by cli
6 2019-02-24 21:01:24 root by boot-config-loader
7 2019-02-21 22:00:12 vyos by cli
8 2019-02-21 21:56:49 vyos by cli
Copy
^^^^
The ``copy`` command allows you to copy a configuration object.
Copy the configuration entrys from a firewall name WAN rule 1 to rule 2.
.. code-block:: none
[edit firewall name WAN]
vyos@vyos# show
rule 1 {
action accept
source {
address 10.1.0.0/24
}
}
[edit firewall name WAN]
vyos@vyos# copy rule 1 to rule 2
[edit firewall name WAN]
vyos@vyos# show
rule 1 {
action accept
source {
address 10.1.0.0/24
}
}
+rule 2 {
+ action accept
+ source {
+ address 10.1.0.0/24
+ }
+}
Delete
^^^^^^
The ``delte`` command is to delete a configuration entry.
This Example delete the hole ``service tftp-server`` section.
.. code-block:: none
delete service tftp-server
Discard
^^^^^^^
The ``discard`` command removes all pending configuration changes.
.. code-block:: none
[edit]
vyos@vyos# discard
Changes have been discarded
Edit
^^^^
The ``edit`` command allows you to navigate down into the configuration tree.
To avoid writing or pasting long paths,
you can set the edit level to any node with the "edit" command,
such as "edit firewall name Foo".
Once you are at some level, you can use relative node paths,
such as "set rule 10 action accept" in this case.
To get back to an upper level, use the ``up`` command or use the ``top`` command to get back to the upper most level.
The ``[edit]`` text displays where the user is located in the configuration tree.
.. code-block:: none
vyos@vyos# edit firewall name Foo
[edit firewall name Foo]
vyos@vyos# set rule 10 protocol tcp
[edit firewall name Foo]
vyos@vyos# edit rule 10
[edit firewall name Foo rule 10]
vyos@vyos# set destination port 22
[edit firewall name Foo rule 10]
vyos@vyos# up
[edit firewall name Foo]
vyos@vyos# set rule 10 description "Allow SSH"
[edit firewall name Foo]
vyos@vyos# top
[edit]
Exit
^^^^
The ``exit`` command exits the current configuration mode. If the current configuration level isn't the top-most, then the configuration level is put back to the top-most level.
If the configuration level is at the top-most level, then it exits the configuration mode and returns to operational mode.
The ``exit`` command cannot be used if uncommitted changes exists in the configuration file. To exit with uncommitted changes, you either need to use the ``exit discard`` command or you need to commit the changes before exiting.
The ``exit`` command doesn't save the configuration, only the ``save`` command does. A warning will be given when exiting with unsaved changes. Using the ``exit`` command in operational mode will logout the session.
Exiting from a configuration level:
.. code-block:: none
[edit interfaces ethernet eth0]
vyos@vyos# exit
Exiting from configuration mode:
.. code-block:: none
[edit]
vyos@vyos# exit
exit
vyos@vyos:~$
Exiting from operational mode:
.. code-block:: none
vyos@vyos:~$ exit
logout
Error message when trying to exit with uncommitted changes:
.. code-block:: none
vyos@vyos# exit
Cannot exit: configuration modified.
Use 'exit discard' to discard the changes and exit.
Warning message when exiting with unsaved changes:
.. code-block:: none
[edit]
vyos@vyos# exit
Warning: configuration changes have not been saved.
Load
^^^^
The ``load`` command load a configuration from a local or remote file. You have to be use ``commit`` to make the change active
.. code-block:: none
<Enter> Load from system config file
<file> Load from file on local machine
scp://<user>:<passwd>@<host>/<file> Load from file on remote machine
sftp://<user>:<passwd>@<host>/<file> Load from file on remote machine
ftp://<user>:<passwd>@<host>/<file> Load from file on remote machine
http://<host>/<file> Load from file on remote machine
https://<host>/<file> Load from file on remote machine
tftp://<host>/<file> Load from file on remote machine
.. code-block:: none
[edit]
vyos@vyos# load
Loading configuration from '/config/config.boot'...
Load complete. Use 'commit' to make changes active.
Loadkey
^^^^^^^^
Copies the content of a public key to the ~/.ssh/authorized_keys file.
.. code-block:: none
loadkey <username> [tab]
<file> Load from file on local machine
scp://<user>@<host>/<file> Load from file on remote machine
sftp://<user>@<host>/<file> Load from file on remote machine
ftp://<user>@<host>/<file> Load from file on remote machine
http://<host>/<file> Load from file on remote machine
tftp://<host>/<file> Load from file on remote machine
Merge
^^^^^
The ``merge`` command merge the config from a local or remote file with the running config.
In the example below exist a ``default-firewall.config`` file with some common firewall rules you saved earlier.
.. code-block:: none
[edit]
vyos@vyos# show firewall
Configuration under specified path is empty
[edit]
vyos@vyos# merge default-firewall.config
Loading configuration from '/config/default-firewall.config'...
Merge complete. Use 'commit' to make changes active.
vyos@vyos# show firewall
+all-ping enable
+broadcast-ping disable
+config-trap disable
+ipv6-receive-redirects disable
+ipv6-src-route disable
+ip-src-route disable
+log-martians enable
+name WAN {
+ default-action drop
+ rule 1 {
+ action accept
+ source {
+ address 10.1.0.0/24
+ }
+ }
+ rule 2 {
+ action accept
+ source {
+ address 10.1.0.0/24
+ }
......
Rename
^^^^^^
The ``rename`` command allows you to rename or move a configuration object.
See here how to move the configuration entrys from vlanid 3 to 2
.. code-block:: none
[edit interfaces ethernet eth1]
vyos@vyos# show
duplex auto
hw-id 00:53:22:81:c6:59
smp-affinity auto
speed auto
vif 3 {
address 10.4.4.4/32
}
[edit interfaces ethernet eth1]
vyos@vyos# rename vif 3 to vif 2
[edit interfaces ethernet eth1]
vyos@vyos# show
duplex auto
hw-id 00:53:22:81:c6:59
smp-affinity auto
speed auto
+vif 2 {
+ address 10.4.4.4/32
+}
-vif 3 {
- address 10.4.4.4/32
-}
[edit interfaces ethernet eth1]
Rollback
^^^^^^^^
You can ``rollback`` configuration using the rollback command, however this command will currently trigger a system reboot.
Use the compare command to verify the configuration you want to rollback to.
.. code-block:: none
vyos@vyos# compare 1
[edit system]
>host-name vyos-1
[edit]
vyos@vyos# rollback 1
Proceed with reboot? [confirm][y]
Broadcast message from root@vyos-1 (pts/0) (Tue Dec 17 21:07:45 2018):
The system is going down for reboot NOW!
Run
^^^
The ``run`` command allows you to execute any operational mode commands without exiting the configuration session.
.. code-block:: none
[edit]
vyos@vyos# run show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 10.1.1.1/24 u/u
Save
^^^^
The ``save`` command saves the current configuration to non-volatile storage. VyOS also supports saving and loading configuration remotely using SCP, FTP, or TFTP.
.. code-block:: none
<Enter> Save to system config file
<file> Save to file on local machine
scp://<user>:<passwd>@<host>/<file> Save to file on remote machine
sftp://<user>:<passwd>@<host>/<file> Save to file on remote machine
ftp://<user>:<passwd>@<host>/<file> Save to file on remote machine
tftp://<host>/<file> Save to file on remote machine
Set
^^^
The ``set`` command create all configuration entrys
.. code-block:: none
[edit]
vyos@vyos# set protocols static route 0.0.0.0/0 next-hop 192.168.1.1
Show
^^^^
The ``show`` command in the configuration mode displays the configuration and show uncommitted changes.
Show the hole config, the address and description of eth1 is moving to vlan 2 if you commit the changes.
.. code-block:: none
[edit]
vyos@vyos# show
interfaces {
dummy dum0 {
address 10.3.3.3/24
}
ethernet eth0 {
address dhcp
duplex auto
hw-id 00:53:22:2b:c0:0b
smp-affinity auto
speed auto
}
ethernet eth1 {
- address 10.1.1.1/32
- description "MGMT Interface"
duplex auto
hw-id 00:53:22:81:c6:59
smp-affinity auto
speed auto
+ vif 2 {
+ address 10.1.1.1/32
+ description "MGMT Interface"
+ }
}
loopback lo {
}
}
service {
ssh {
port 22
......

13
docs/appendix/commandtree/index.rst
View File

@ -1,13 +0,0 @@
.. _commandtree:
Command tree
============
See full command tree in Operational mode and Configuration mode
.. toctree::
:maxdepth: 2
:hidden:
operationmode
configmode

444
docs/appendix/commandtree/operationmode.rst
View File

@ -1,444 +0,0 @@
.. _commandtree_operationmode:
Operational mode
----------------
Operational mode allows for commands to perform operational system tasks and view system and service status.
After this is the first view after the login.
Please see :ref:`cli` for navigation in the CLI
.. code-block:: none
vyos@vyos:~$ [tab]
Possible completions:
add Add an object to a service
clear Clear system information
clone Clone an object
configure Enter configure mode
connect Establish a connection
copy Copy an object
delete Delete an object
disconnect Take down a connection
force Force an operation
format Format a device
generate Generate an object
install Install a new system
monitor Monitor system information
ping Send IPv4 or IPv6 ICMP (Internet Control Message Protocol) echo requests
poweroff Poweroff the system
reboot Reboot the system
release Release specified variable
rename Rename an object
renew Renew specified variable
reset Reset a service
restart Restart a service
set Set operational options
show Show system information
telnet Telnet to a node
traceroute Track network path to node
update Update data for a service
Add
^^^
.. code-block:: none
raid Add a RAID set element
system Add an item to a system facility
Clear
^^^^^
.. code-block:: none
console Clear screen
firewall Clear firewall statistics
flow-accounting Clear flow accounting
interfaces Clear interface information
ip Clear Internet Protocol (IP) statistics or status
ipv6 Clear Internet Protocol (IPv6) statistics or status
nat Clear network address translation (NAT) tables
policy Clear policy statistics
Clone
^^^^^
The ``clone`` command allows you to clone a configuration from a system image to another one, or from the running config to another system image.
To clone the running config to a system image:
.. code-block:: none
clone system config <system-image> from running
To clone from system image A to system image B:
.. code-block:: none
clone system config <system-image-B> from <system-image-A>
Configure
^^^^^^^^^
The ``configure`` command allows you to enter configuration mode.
.. code-block:: none
vyos@vyos:~$ configure
[edit]
vyos@vyos#
Connect
^^^^^^^
The ``connect`` command allows you to bring up a connection oriented interface, like a pppoe interface.
.. code-block:: none
connect interface <interface>
Copy
^^^^
The ``copy`` command allows you to copy a file to your running config or over images.
It can look like this example:
.. code-block:: none
vyos@vyos:~$ copy file [tab]
Possible completions:
http://<user>:<passwd>@<host>/<file>
Copy files from specified source
scp://<user>:<passwd>@<host>/<file>
ftp://<user>:<passwd>@<host>/<file>
tftp://<host>/<file>
1.2.0://config/
1.2.0-rolling+201902251818://config/
1.2.0-rolling+201902201040://config/
1.2.0-rolling+201902080337://config/
1.2.0-H4://config/
running://config/
To copy from file A to file B:
.. code-block:: none
copy <file A> to <file B>
Delete
^^^^^^
.. code-block:: none
conntrack Delete Conntrack entries
file Delete files in a particular image
log Delete a log file
raid Remove a RAID set element
system Delete system objects
Disconnect
^^^^^^^^^^
The ``disconnect`` command allows you to take down a connection oriented interface, like a pppoe interface.
.. code-block:: none
disconnect interface <interface>
Force
^^^^^
.. code-block:: none
arp Send gratuitous ARP request or reply
cluster Force a cluster state transition
Format
^^^^^^
The ``format`` command allows you to format a disk the same way as another one.
.. code-block:: none
format disk <target> like <source>
Generate
^^^^^^^^
.. code-block:: none
openvpn OpenVPN key generation tool
ssh-server-key
Regenerate the host SSH keys and restart the SSH server
tech-support Generate tech-support archive
vpn VPN key generation utility
wireguard wireguard key generation utility
Install
^^^^^^^
The ``install`` command allows you to install the system image on the disk.
.. code-block:: none
install image
Monitor
^^^^^^^
``monitor`` can be used to continually view what is happening on the router.
.. code-block:: none
bandwidth Monitor interface bandwidth in real time
bandwidth-test
Initiate or wait for bandwidth test
cluster Monitor clustering service
command Monitor an operational mode command (refreshes every 2 seconds)
conntrack-sync
Monitor conntrack-sync
content-inspection
Monitor Content-Inspection
dhcp Monitor Dynamic Host Control Protocol (DHCP)
dns Monitor a Domain Name Service (DNS) daemon
firewall Monitor Firewall
https Monitor the Secure Hypertext Transfer Protocol (HTTPS) service
lldp Monitor Link Layer Discovery Protocol (LLDP) daemon
log Monitor last lines of messages file
nat Monitor network address translation (NAT)
openvpn Monitor OpenVPN
protocol Monitor routing protocols
snmp Monitor Simple Network Management Protocol (SNMP) daemon
stop-all Stop all current background monitoring processes
traceroute Monitor the path to a destination in realtime
traffic Monitor traffic dumps
vpn Monitor VPN
vrrp Monitor Virtual Router Redundancy Protocol (VRRP)
webproxy Monitor Webproxy service
Ping
^^^^
The ``ping`` command allows you to send an ICMP-EchoRequest packet and display the ICMP-EchoReply received.
.. code-block:: none
<hostname> Send Internet Control Message Protocol (ICMP) echo request
<x.x.x.x>
<h:h:h:h:h:h:h:h>
Poweroff
^^^^^^^^
The ``poweroff`` command allows you to properly shut down the VyOS instance. Without any modifier, the command is executed immediately.
.. code-block:: none
<Enter> Execute the current command
at Poweroff at a specific time
cancel Cancel a pending poweroff
in Poweroff in X minutes
now Poweroff the system without confirmation
Reboot
^^^^^^
The ``reboot`` command allows you to properly restart the VyOS instance. Without any modifier, the command is executed immediately.
.. code-block:: none
<Enter> Execute the current command
at Poweroff at a specific time
cancel Cancel a pending poweroff
in Poweroff in X minutes
now Poweroff the system without confirmation
Release
^^^^^^^
The ``release`` command allows you to release a DHCP or DHCPv6 lease.
.. code-block:: none
vyos@vyos:~$ release dhcp interface <int>
vyos@vyos:~$ release dhcpv6 interface <int>
Rename
^^^^^^
The ``rename`` command allows you to rename a system image.
.. code-block:: none
rename system image <currentname> <newname>
Renew
^^^^^
The ``renew`` command allows you to renew a DHCP or DHCPv6 lease.
.. code-block:: none
vyos@vyos:~$ renew dhcp interface <int>
vyos@vyos:~$ renew dhcpv6 interface <int>
Reset
^^^^^
.. code-block:: none
conntrack Reset all currently tracked connections
conntrack-sync
Reset connection syncing parameters
dns Reset a DNS service state
firewall reset a firewall group
ip Reset Internet Protocol (IP) parameters
ipv6 Reset Internet Protocol version 6 (IPv6) parameters
nhrp Clear/Purge NHRP entries
openvpn Reset OpenVPN
terminal Reset terminal
vpn Reset Virtual Private Network (VPN) information
Restart
^^^^^^^
.. code-block:: none
cluster Restart cluster node
conntrack-sync
Restart connection tracking synchronization service
dhcp Restart DHCP processes
dhcpv6 Restart DHCPv6 processes
dns Restart a DNS service
flow-accounting
Restart flow-accounting service
https Restart https server
vpn Restart IPsec VPN
vrrp Restart the VRRP (Virtual Router Redundancy Protocol) process
wan-load-balance
Restart WAN load balancing
webproxy Restart webproxy service
Set
^^^
.. code-block:: none
<OPTION> Bash builtin set command
console Control console behaviors
date Set system date and time
system Set system operational parameters
terminal Control terminal behaviors
Show
^^^^
.. code-block:: none
arp Show Address Resolution Protocol (ARP) information
bridge Show bridging information
cluster Show clustering information
configuration Show available saved configurations
conntrack Show conntrack entries in the conntrack table
conntrack-sync
Show connection syncing information
date Show system time and date
dhcp Show DHCP (Dynamic Host Configuration Protocol) information
dhcpv6 Show DHCPv6 (IPv6 Dynamic Host Configuration Protocol) information
disk Show status of disk device
dns Show DNS information
file Show files for a particular image
firewall Show firewall information
flow-accounting
Show flow accounting statistics
hardware Show system hardware details
history show command history
host Show host information
incoming Show ethernet input-policy information
interfaces Show network interface information
ip Show IPv4 routing information
ipv6 Show IPv6 routing information
license Show VyOS license information
lldp Show lldp
log Show contents of current master log file
login Show current login credentials
monitoring Show currently monitored services
nat Show Network Address Translation (NAT) information
nhrp Show NHRP info
ntp Show peer status of NTP daemon
openvpn Show OpenVPN information
policy Show policy information
poweroff Show scheduled poweroff
pppoe-server show pppoe-server status
queueing Show ethernet queueing information
raid Show statis of RAID set
reboot Show scheduled reboot
remote-config Show remote side config
route-map Show route-map information
snmp Show status of SNMP on localhost
system Show system information
system-integrity
checks the integrity of the system
table Show routing table
tech-support Show consolidated tech-support report (private information removed)
users Show user information
version Show system version information
vpn Show Virtual Private Network (VPN) information
vrrp Show VRRP (Virtual Router Redundancy Protocol) information
wan-load-balance
Show Wide Area Network (WAN) load-balancing information
webproxy Show webproxy information
wireguard Show wireguard properties
zone-policy Show summary of zone policy for a specific zone
Telnet
^^^^^^
In the past the ``telnet`` command allowed you to connect remotely to another device using the telnet protocol.
Telnet is unencrypted and should not use anymore. But its nice to test if an TCP Port to a host is open.
.. code-block:: none
vyos@vyos:~$ telnet 192.168.1.3 443
Trying 192.168.1.3...
telnet: Unable to connect to remote host: Network is unreachable
vyos@vyos:~$ telnet 192.168.1.4 443
Trying 192.168.1.4...
Connected to 192.168.1.4.
Escape character is '^]'.
Traceroute
^^^^^^^^^^
The ``traceroute`` command allows you to trace the path taken to a particular device.
.. code-block:: none
<hostname> Track network path to specified node
<x.x.x.x>
<h:h:h:h:h:h:h:h>
ipv4 Track network path to <hostname|IPv4 address>
ipv6 Track network path to <hostname|IPv6 address>
Update
^^^^^^
.. code-block:: none
dns Update DNS information
webproxy Update webproxy

1
docs/index.rst
View File

@ -56,7 +56,6 @@ VyOS User Guide
appendix/release-notes appendix/release-notes
appendix/examples/index appendix/examples/index
appendix/cmd-index appendix/cmd-index
appendix/commandtree/index
appendix/vyos-on-vmware appendix/vyos-on-vmware
appendix/vyos-on-baremetal appendix/vyos-on-baremetal
appendix/migrate-from-vyatta appendix/migrate-from-vyatta