Logging
The following scenarios show how to configure the conntrack logging option with different traffic policies and services enabled, in order to check that all fields are displayed correctly and all events are captured.
New events
Description
Check NEW sessions events are captured
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events new set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.483 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.483/0.483/0.483/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.195 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.195/0.195/0.195/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[NEW\].*SRC=192.168.100.2Show output
Apr 06 16:49:26.327403 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:49:26.330958 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:49:26.331029 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:49:26.338750 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:49:26.554541 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:49:26.758785 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:49:26.869114 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:49:26.921408 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events new'. Apr 06 16:49:27.023780 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:49:27.082013 osdx ubnt-cfgd[6527]: inactive Apr 06 16:49:27.098891 osdx INFO[6533]: FRR daemons did not change Apr 06 16:49:27.167150 osdx WARNING[6604]: No supported link modes on interface eth0 Apr 06 16:49:27.168560 osdx modulelauncher[6604]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:49:27.168575 osdx modulelauncher[6604]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:49:27.169706 osdx modulelauncher[6604]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:49:27.169716 osdx modulelauncher[6604]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:49:27.215280 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:49:27.218138 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:49:27.219313 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:49:27.221217 osdx ulogd[6629]: registering plugin `NFCT' Apr 06 16:49:27.222309 osdx ulogd[6629]: registering plugin `IP2STR' Apr 06 16:49:27.222389 osdx ulogd[6629]: registering plugin `PRINTFLOW' Apr 06 16:49:27.223722 osdx ulogd[6629]: registering plugin `SYSLOG' Apr 06 16:49:27.223731 osdx ulogd[6629]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:49:27.223792 osdx ulogd[6629]: NFCT plugin working in event mode Apr 06 16:49:27.223800 osdx ulogd[6629]: Changing UID / GID Apr 06 16:49:27.223897 osdx ulogd[6629]: initialization finished, entering main loop Apr 06 16:49:27.231130 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:49:27.247838 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:49:28.082834 osdx ulogd[6629]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:28.186292 osdx ulogd[6629]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Update events
Description
Check UPDATE sessions events are captured
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events update set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.403 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.403/0.403/0.403/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.309 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.309/0.309/0.309/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[UPDATE\].*SRC=192.168.100.2Show output
Apr 06 16:49:32.289619 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:49:32.291180 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:49:32.291225 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:49:32.300989 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:49:32.508040 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:49:32.801560 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:49:32.875708 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:49:32.960553 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events update'. Apr 06 16:49:33.023247 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:49:33.112715 osdx ubnt-cfgd[6815]: inactive Apr 06 16:49:33.129119 osdx INFO[6821]: FRR daemons did not change Apr 06 16:49:33.208543 osdx WARNING[6892]: No supported link modes on interface eth0 Apr 06 16:49:33.210344 osdx modulelauncher[6892]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:49:33.210365 osdx modulelauncher[6892]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:49:33.212214 osdx modulelauncher[6892]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:49:33.212226 osdx modulelauncher[6892]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:49:33.279454 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:49:33.280056 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:49:33.280210 osdx ulogd[6917]: registering plugin `NFCT' Apr 06 16:49:33.280396 osdx ulogd[6917]: registering plugin `IP2STR' Apr 06 16:49:33.280435 osdx ulogd[6917]: registering plugin `PRINTFLOW' Apr 06 16:49:33.280476 osdx ulogd[6917]: registering plugin `SYSLOG' Apr 06 16:49:33.280511 osdx ulogd[6917]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:49:33.280552 osdx ulogd[6917]: NFCT plugin working in event mode Apr 06 16:49:33.280560 osdx ulogd[6917]: Changing UID / GID Apr 06 16:49:33.280621 osdx ulogd[6917]: initialization finished, entering main loop Apr 06 16:49:33.281086 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:49:33.292278 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:49:33.325703 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:49:34.158034 osdx ulogd[6917]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:34.232824 osdx ulogd[6917]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Destroy events
Description
Check DESTROY sessions events are captured
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set service ssh set system conntrack logging events destroy set system conntrack timeout icmp 1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.321 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.321/0.321/0.321/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 3 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.200 ms 64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.281 ms 64 bytes from 192.168.100.1: icmp_seq=3 ttl=64 time=0.239 ms --- 192.168.100.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2039ms rtt min/avg/max/mdev = 0.200/0.240/0.281/0.033 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[DESTROY\].*SRC=192.168.100.2Show output
Apr 06 16:49:38.293650 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:49:38.297415 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:49:38.297468 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:49:38.302607 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:49:38.496333 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:49:38.704390 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:49:38.777380 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:49:38.854433 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events destroy'. Apr 06 16:49:38.906599 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Apr 06 16:49:39.009893 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set service ssh'. Apr 06 16:49:39.071314 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:49:39.163639 osdx ubnt-cfgd[7105]: inactive Apr 06 16:49:39.184270 osdx INFO[7117]: FRR daemons did not change Apr 06 16:49:39.258480 osdx WARNING[7190]: No supported link modes on interface eth0 Apr 06 16:49:39.259830 osdx modulelauncher[7190]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:49:39.259843 osdx modulelauncher[7190]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:49:39.260975 osdx modulelauncher[7190]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:49:39.260986 osdx modulelauncher[7190]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:49:39.305667 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:49:39.306367 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:49:39.306521 osdx ulogd[7215]: registering plugin `NFCT' Apr 06 16:49:39.306688 osdx ulogd[7215]: registering plugin `IP2STR' Apr 06 16:49:39.306726 osdx ulogd[7215]: registering plugin `PRINTFLOW' Apr 06 16:49:39.306762 osdx ulogd[7215]: registering plugin `SYSLOG' Apr 06 16:49:39.306791 osdx ulogd[7215]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:49:39.306846 osdx ulogd[7215]: NFCT plugin working in event mode Apr 06 16:49:39.306855 osdx ulogd[7215]: Changing UID / GID Apr 06 16:49:39.306915 osdx ulogd[7215]: initialization finished, entering main loop Apr 06 16:49:39.385756 osdx systemd[1]: Starting ssh.service - OpenBSD Secure Shell server... Apr 06 16:49:39.399337 osdx sshd[7221]: Server listening on 0.0.0.0 port 22. Apr 06 16:49:39.399363 osdx sshd[7221]: Server listening on :: port 22. Apr 06 16:49:39.399458 osdx systemd[1]: Started ssh.service - OpenBSD Secure Shell server. Apr 06 16:49:39.425164 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:49:39.436604 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:49:39.452993 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:49:41.309456 osdx ulogd[7215]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 Apr 06 16:49:42.333395 osdx ulogd[7215]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84
Default logging
Description
Set a simple configuration, send a ping command from one device to other
and check that default fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.348 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.348/0.348/0.348/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.251 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.251/0.251/0.251/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
Apr 06 16:49:50.281674 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:49:50.284811 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:49:50.284862 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:49:50.291752 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:49:50.503829 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:49:50.772683 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:49:50.921381 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:49:50.972356 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:49:51.078078 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:49:51.138951 osdx ubnt-cfgd[7432]: inactive Apr 06 16:49:51.157195 osdx INFO[7438]: FRR daemons did not change Apr 06 16:49:51.230308 osdx WARNING[7509]: No supported link modes on interface eth0 Apr 06 16:49:51.231601 osdx modulelauncher[7509]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:49:51.231614 osdx modulelauncher[7509]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:49:51.232676 osdx modulelauncher[7509]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:49:51.232685 osdx modulelauncher[7509]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:49:51.273093 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:49:51.273998 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:49:51.274099 osdx ulogd[7534]: registering plugin `NFCT' Apr 06 16:49:51.274142 osdx ulogd[7534]: registering plugin `IP2STR' Apr 06 16:49:51.274177 osdx ulogd[7534]: registering plugin `PRINTFLOW' Apr 06 16:49:51.274214 osdx ulogd[7534]: registering plugin `SYSLOG' Apr 06 16:49:51.274218 osdx ulogd[7534]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:49:51.274257 osdx ulogd[7534]: NFCT plugin working in event mode Apr 06 16:49:51.274264 osdx ulogd[7534]: Changing UID / GID Apr 06 16:49:51.274328 osdx ulogd[7534]: initialization finished, entering main loop Apr 06 16:49:51.275559 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:49:51.289637 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:49:51.312972 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:49:52.146613 osdx ulogd[7534]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:52.146632 osdx ulogd[7534]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:52.219229 osdx ulogd[7534]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:52.219246 osdx ulogd[7534]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Identity logging
Description
Set a simple configuration with identity OSDx_DUT0 for logs entries, send a ping command from one device to other
and check that the identity has changed when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events all set system conntrack logging identity OSDx_DUT0 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.345 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.345/0.345/0.345/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.196 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.196/0.196/0.196/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
OSDx_DUT0\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
Apr 06 16:49:56.300325 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:49:56.301964 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:49:56.302016 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:49:56.309917 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:49:56.525615 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:49:56.782834 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:49:56.861623 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:49:56.936580 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:49:56.990143 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging identity OSDx_DUT0'. Apr 06 16:49:57.090652 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:49:57.147648 osdx ubnt-cfgd[7721]: inactive Apr 06 16:49:57.164371 osdx INFO[7727]: FRR daemons did not change Apr 06 16:49:57.229459 osdx WARNING[7798]: No supported link modes on interface eth0 Apr 06 16:49:57.230761 osdx modulelauncher[7798]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:49:57.230772 osdx modulelauncher[7798]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:49:57.231867 osdx modulelauncher[7798]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:49:57.231874 osdx modulelauncher[7798]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:49:57.290272 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:49:57.290863 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:49:57.291128 osdx ulogd[7823]: registering plugin `NFCT' Apr 06 16:49:57.291187 osdx ulogd[7823]: registering plugin `IP2STR' Apr 06 16:49:57.291238 osdx ulogd[7823]: registering plugin `PRINTFLOW' Apr 06 16:49:57.291289 osdx ulogd[7823]: registering plugin `SYSLOG' Apr 06 16:49:57.291294 osdx ulogd[7823]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:49:57.291343 osdx ulogd[7823]: NFCT plugin working in event mode Apr 06 16:49:57.291351 osdx OSDx_DUT0[7823]: Changing UID / GID Apr 06 16:49:57.291430 osdx OSDx_DUT0[7823]: initialization finished, entering main loop Apr 06 16:49:57.291925 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:49:57.302698 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:49:57.327507 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:49:58.156858 osdx OSDx_DUT0[7823]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:58.156875 osdx OSDx_DUT0[7823]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:58.259000 osdx OSDx_DUT0[7823]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:58.259022 osdx OSDx_DUT0[7823]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Note
If the identity is not provided, “ulogd” will be used by default.
Step 6: Modify the following configuration lines in DUT0 :
delete system conntrack logging identity
Step 7: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.224 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.224/0.224/0.224/0.000 ms
Step 8: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
Apr 06 16:49:56.300325 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:49:56.301964 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:49:56.302016 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:49:56.309917 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:49:56.525615 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:49:56.782834 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:49:56.861623 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:49:56.936580 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:49:56.990143 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging identity OSDx_DUT0'. Apr 06 16:49:57.090652 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:49:57.147648 osdx ubnt-cfgd[7721]: inactive Apr 06 16:49:57.164371 osdx INFO[7727]: FRR daemons did not change Apr 06 16:49:57.229459 osdx WARNING[7798]: No supported link modes on interface eth0 Apr 06 16:49:57.230761 osdx modulelauncher[7798]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:49:57.230772 osdx modulelauncher[7798]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:49:57.231867 osdx modulelauncher[7798]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:49:57.231874 osdx modulelauncher[7798]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:49:57.290272 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:49:57.290863 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:49:57.291128 osdx ulogd[7823]: registering plugin `NFCT' Apr 06 16:49:57.291187 osdx ulogd[7823]: registering plugin `IP2STR' Apr 06 16:49:57.291238 osdx ulogd[7823]: registering plugin `PRINTFLOW' Apr 06 16:49:57.291289 osdx ulogd[7823]: registering plugin `SYSLOG' Apr 06 16:49:57.291294 osdx ulogd[7823]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:49:57.291343 osdx ulogd[7823]: NFCT plugin working in event mode Apr 06 16:49:57.291351 osdx OSDx_DUT0[7823]: Changing UID / GID Apr 06 16:49:57.291430 osdx OSDx_DUT0[7823]: initialization finished, entering main loop Apr 06 16:49:57.291925 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:49:57.302698 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:49:57.327507 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:49:58.156858 osdx OSDx_DUT0[7823]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:58.156875 osdx OSDx_DUT0[7823]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:58.259000 osdx OSDx_DUT0[7823]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:58.259022 osdx OSDx_DUT0[7823]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:58.367227 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal show | cat'. Apr 06 16:49:58.537816 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:49:58.606213 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'delete system conntrack logging identity'. Apr 06 16:49:58.704148 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show changes'. Apr 06 16:49:58.761081 osdx ubnt-cfgd[7859]: inactive Apr 06 16:49:58.777736 osdx INFO[7865]: FRR daemons did not change Apr 06 16:49:58.787048 osdx OSDx_DUT0[7823]: Terminal signal received, exiting Apr 06 16:49:58.787124 osdx systemd[1]: Stopping ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:49:58.787337 osdx systemd[1]: ulogd2.service: Deactivated successfully. Apr 06 16:49:58.787422 osdx systemd[1]: Stopped ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:49:58.814246 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:49:58.814888 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:49:58.815027 osdx ulogd[7873]: registering plugin `NFCT' Apr 06 16:49:58.815198 osdx ulogd[7873]: registering plugin `IP2STR' Apr 06 16:49:58.815258 osdx ulogd[7873]: registering plugin `PRINTFLOW' Apr 06 16:49:58.815317 osdx ulogd[7873]: registering plugin `SYSLOG' Apr 06 16:49:58.815344 osdx ulogd[7873]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:49:58.815403 osdx ulogd[7873]: NFCT plugin working in event mode Apr 06 16:49:58.815430 osdx ulogd[7873]: Changing UID / GID Apr 06 16:49:58.815508 osdx ulogd[7873]: initialization finished, entering main loop Apr 06 16:49:58.815919 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:49:58.817115 osdx ulogd[7873]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 Apr 06 16:49:58.817131 osdx ulogd[7873]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 Apr 06 16:49:58.817615 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:49:58.832161 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:49:58.971963 osdx ulogd[7873]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:49:58.971982 osdx ulogd[7873]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Policies logging
Description
Set a simple configuration with mark and label traffic policies,
send a ping command from one device to other
and check that default, mark and label fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth0 traffic policy in POLICY set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic label TEST set traffic policy POLICY rule 1 set connmark 33 set traffic policy POLICY rule 1 set label TEST
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.298 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.298/0.298/0.298/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 2 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.215 ms 64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.224 ms --- 192.168.100.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1017ms rtt min/avg/max/mdev = 0.215/0.219/0.224/0.004 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*MARK=33.*LABELS=TESTShow output
Apr 06 16:50:03.283634 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:50:03.285199 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:03.285246 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:03.294369 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:03.493618 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:03.755732 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:03.843546 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 traffic policy in POLICY'. Apr 06 16:50:03.909779 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set traffic label TEST'. Apr 06 16:50:04.000077 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set traffic policy POLICY rule 1 set connmark 33'. Apr 06 16:50:04.056840 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set traffic policy POLICY rule 1 set label TEST'. Apr 06 16:50:04.148444 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:50:04.208020 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:50:04.314451 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:04.376167 osdx ubnt-cfgd[8042]: inactive Apr 06 16:50:04.403776 osdx INFO[8056]: FRR daemons did not change Apr 06 16:50:04.470070 osdx WARNING[8127]: No supported link modes on interface eth0 Apr 06 16:50:04.471444 osdx modulelauncher[8127]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:50:04.471457 osdx modulelauncher[8127]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:50:04.472557 osdx modulelauncher[8127]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:04.472566 osdx modulelauncher[8127]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:04.529569 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:04.530487 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:04.530697 osdx ulogd[8152]: registering plugin `NFCT' Apr 06 16:50:04.530956 osdx ulogd[8152]: registering plugin `IP2STR' Apr 06 16:50:04.531014 osdx ulogd[8152]: registering plugin `PRINTFLOW' Apr 06 16:50:04.531069 osdx ulogd[8152]: registering plugin `SYSLOG' Apr 06 16:50:04.531116 osdx ulogd[8152]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:04.531210 osdx ulogd[8152]: NFCT plugin working in event mode Apr 06 16:50:04.531221 osdx ulogd[8152]: Changing UID / GID Apr 06 16:50:04.531314 osdx ulogd[8152]: initialization finished, entering main loop Apr 06 16:50:04.541136 osdx ulogd[8152]: Terminal signal received, exiting Apr 06 16:50:04.541326 osdx systemd[1]: Stopping ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:04.541592 osdx systemd[1]: ulogd2.service: Deactivated successfully. Apr 06 16:50:04.541702 osdx systemd[1]: Stopped ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:04.542655 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:04.543373 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:04.543555 osdx ulogd[8158]: registering plugin `NFCT' Apr 06 16:50:04.543776 osdx ulogd[8158]: registering plugin `IP2STR' Apr 06 16:50:04.543824 osdx ulogd[8158]: registering plugin `PRINTFLOW' Apr 06 16:50:04.543917 osdx ulogd[8158]: registering plugin `SYSLOG' Apr 06 16:50:04.543923 osdx ulogd[8158]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:04.543972 osdx ulogd[8158]: NFCT plugin working in event mode Apr 06 16:50:04.543979 osdx ulogd[8158]: Changing UID / GID Apr 06 16:50:04.544052 osdx ulogd[8158]: initialization finished, entering main loop Apr 06 16:50:04.815889 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:04.827205 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:04.845444 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:05.618451 osdx ulogd[8158]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33 LABELS=TEST Apr 06 16:50:05.618474 osdx ulogd[8158]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33 Apr 06 16:50:05.692096 osdx ulogd[8158]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33 LABELS=TEST Apr 06 16:50:05.692120 osdx ulogd[8158]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33
VRF logging
Description
Set a simple configuration with a vrf,
send a ping command from one device to other
and check that default and vrf fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth0 vrf RED set protocols vrf RED static route 0.0.0.0/0 next-hop 192.168.100.2 set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set system vrf RED
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.502 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.502/0.502/0.502/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.218 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.218/0.218/0.218/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*VRF=REDShow output
Apr 06 16:50:10.000176 osdx systemd-timedated[3776]: Changed local time to Mon 2026-04-06 16:50:10 UTC Apr 06 16:50:10.001368 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'set date 2026-04-06 16:50:10'. Apr 06 16:50:10.003588 osdx systemd-journald[1874]: Time jumped backwards, rotating. Apr 06 16:50:10.292473 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:50:10.295589 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:10.295643 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:10.303074 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:10.502039 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:10.754823 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:10.827223 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 vrf RED'. Apr 06 16:50:10.916359 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set protocols vrf RED static route 0.0.0.0/0 next-hop 192.168.100.2'. Apr 06 16:50:10.964084 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system vrf RED'. Apr 06 16:50:11.060651 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:50:11.114545 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:50:11.231469 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:11.292823 osdx ubnt-cfgd[8398]: inactive Apr 06 16:50:11.312277 osdx INFO[8404]: FRR daemons did not change Apr 06 16:50:11.324784 osdx (udev-worker)[8416]: RED: Could not disable auto negotiation, ignoring: Operation not supported Apr 06 16:50:11.324811 osdx (udev-worker)[8416]: Network interface NamePolicy= disabled on kernel command line. Apr 06 16:50:11.391244 osdx WARNING[8489]: No supported link modes on interface eth0 Apr 06 16:50:11.392565 osdx modulelauncher[8489]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:50:11.392576 osdx modulelauncher[8489]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:50:11.393983 osdx modulelauncher[8489]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:11.393989 osdx modulelauncher[8489]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:11.499886 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:11.500484 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:11.500700 osdx ulogd[8575]: registering plugin `NFCT' Apr 06 16:50:11.500935 osdx ulogd[8575]: registering plugin `IP2STR' Apr 06 16:50:11.501022 osdx ulogd[8575]: registering plugin `PRINTFLOW' Apr 06 16:50:11.501128 osdx ulogd[8575]: registering plugin `SYSLOG' Apr 06 16:50:11.501135 osdx ulogd[8575]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:11.501187 osdx ulogd[8575]: NFCT plugin working in event mode Apr 06 16:50:11.501233 osdx ulogd[8575]: Changing UID / GID Apr 06 16:50:11.501314 osdx ulogd[8575]: initialization finished, entering main loop Apr 06 16:50:11.501591 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:11.512654 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:11.529993 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:12.338213 osdx ulogd[8575]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:12.338234 osdx ulogd[8575]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:12.416058 osdx ulogd[8575]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:12.416076 osdx ulogd[8575]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Not-Bypass logging
Description
Set a simple configuration with a firewall service,
send a ping command from one device to other
and check that default and bypass fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth1 address 10.215.168.64/24 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Ping IP address 10.215.168.1 from DUT0:
admin@DUT0$ ping 10.215.168.1 count 1 size 56 timeout 1Show output
PING 10.215.168.1 (10.215.168.1) 56(84) bytes of data. 64 bytes from 10.215.168.1: icmp_seq=1 ttl=64 time=0.177 ms --- 10.215.168.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.177/0.177/0.177/0.000 ms
Step 3: Run command file copy http://10.215.168.1/~robot/test-performance.rules running:// force at DUT0 and expect this output:
Show output
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 129 100 129 0 0 21706 0 --:--:-- --:--:-- --:--:-- 25800
Step 4: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth0 traffic policy in POLICY set interfaces ethernet eth1 address 10.215.168.64/24 set service firewall FW mode inline queue FW_Q set service firewall FW ruleset file 'running://test-performance.rules' set service firewall FW stream bypass mark 129834765 set service firewall FW stream bypass mask 129834765 set service firewall FW stream bypass set-connmark set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy POLICY rule 1 action enqueue FW_Q set traffic queue FW_Q elements 1
Step 5: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 6: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.466 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.466/0.466/0.466/0.000 ms
Step 7: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.260 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.260/0.260/0.260/0.000 ms
Step 8: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*Sc: not-bypassShow output
Apr 06 16:50:17.300229 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.9M, max 13.8M, 11.8M free. Apr 06 16:50:17.302902 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:17.302957 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:17.311626 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:17.516148 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:17.769229 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:17.842794 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 10.215.168.64/24'. Apr 06 16:50:17.928667 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:17.984457 osdx ubnt-cfgd[8842]: inactive Apr 06 16:50:18.011533 osdx INFO[8848]: FRR daemons did not change Apr 06 16:50:18.083428 osdx WARNING[8916]: No supported link modes on interface eth1 Apr 06 16:50:18.084753 osdx modulelauncher[8916]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on Apr 06 16:50:18.084769 osdx modulelauncher[8916]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. Apr 06 16:50:18.085824 osdx modulelauncher[8916]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:18.085832 osdx modulelauncher[8916]: Command '/sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:18.096166 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:18.109917 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:18.136439 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:18.293379 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Apr 06 16:50:18.440822 osdx file_operation[8970]: using src url: http://10.215.168.1/~robot/test-performance.rules dst url: running:// Apr 06 16:50:18.469949 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'file copy http://10.215.168.1/~robot/test-performance.rules running:// force'. Apr 06 16:50:18.608113 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:18.673223 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 traffic policy in POLICY'. Apr 06 16:50:18.765227 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set service firewall FW mode inline queue FW_Q'. Apr 06 16:50:18.817543 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set service firewall FW ruleset file running://test-performance.rules'. Apr 06 16:50:18.912528 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass'. Apr 06 16:50:18.972432 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass mark 129834765'. Apr 06 16:50:19.070180 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass mask 129834765'. Apr 06 16:50:19.128854 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass set-connmark'. Apr 06 16:50:19.215937 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set traffic queue FW_Q elements 1'. Apr 06 16:50:19.276688 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set traffic policy POLICY rule 1 action enqueue FW_Q'. Apr 06 16:50:19.390225 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:50:19.440505 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:50:19.561894 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:19.625694 osdx ubnt-cfgd[9004]: inactive Apr 06 16:50:19.670978 osdx INFO[9021]: FRR daemons did not change Apr 06 16:50:19.738701 osdx WARNING[9092]: No supported link modes on interface eth0 Apr 06 16:50:19.740002 osdx modulelauncher[9092]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:50:19.740014 osdx modulelauncher[9092]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:50:19.741083 osdx modulelauncher[9092]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:19.741090 osdx modulelauncher[9092]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:19.779124 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:19.779712 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:19.779863 osdx ulogd[9117]: registering plugin `NFCT' Apr 06 16:50:19.779906 osdx ulogd[9117]: registering plugin `IP2STR' Apr 06 16:50:19.779942 osdx ulogd[9117]: registering plugin `PRINTFLOW' Apr 06 16:50:19.779982 osdx ulogd[9117]: registering plugin `SYSLOG' Apr 06 16:50:19.779985 osdx ulogd[9117]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:19.780022 osdx ulogd[9117]: NFCT plugin working in event mode Apr 06 16:50:19.780028 osdx ulogd[9117]: Changing UID / GID Apr 06 16:50:19.780089 osdx ulogd[9117]: initialization finished, entering main loop Apr 06 16:50:20.024607 osdx ulogd[9117]: Terminal signal received, exiting Apr 06 16:50:20.024692 osdx systemd[1]: Stopping ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:20.024935 osdx systemd[1]: ulogd2.service: Deactivated successfully. Apr 06 16:50:20.025034 osdx systemd[1]: Stopped ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:20.043165 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:20.043762 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:20.043901 osdx ulogd[9145]: registering plugin `NFCT' Apr 06 16:50:20.044123 osdx ulogd[9145]: registering plugin `IP2STR' Apr 06 16:50:20.044164 osdx ulogd[9145]: registering plugin `PRINTFLOW' Apr 06 16:50:20.044240 osdx ulogd[9145]: registering plugin `SYSLOG' Apr 06 16:50:20.044245 osdx ulogd[9145]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:20.044284 osdx ulogd[9145]: NFCT plugin working in event mode Apr 06 16:50:20.044320 osdx ulogd[9145]: Changing UID / GID Apr 06 16:50:20.044577 osdx ulogd[9145]: initialization finished, entering main loop Apr 06 16:50:20.081811 osdx systemd[1]: Reloading. Apr 06 16:50:20.134898 osdx systemd-sysv-generator[9166]: stat() failed on /etc/init.d/README, ignoring: No such file or directory Apr 06 16:50:20.251316 osdx systemd[1]: Starting logrotate.service - Rotate log files... Apr 06 16:50:20.257268 osdx systemd[1]: Created slice system-suricata.slice - Slice /system/suricata. Apr 06 16:50:20.258774 osdx systemd[1]: Starting suricata@FW.service - Suricata client "FW" service... Apr 06 16:50:20.320020 osdx systemd[1]: logrotate.service: Deactivated successfully. Apr 06 16:50:20.320136 osdx systemd[1]: Finished logrotate.service - Rotate log files. Apr 06 16:50:20.550464 osdx systemd[1]: Started suricata@FW.service - Suricata client "FW" service. Apr 06 16:50:20.977014 osdx INFO[9147]: Rules successfully loaded Apr 06 16:50:20.977623 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:20.995283 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:21.009846 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:21.783778 osdx ulogd[9145]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass) Apr 06 16:50:21.783796 osdx ulogd[9145]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass) Apr 06 16:50:21.862237 osdx ulogd[9145]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass) Apr 06 16:50:21.862255 osdx ulogd[9145]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass)
Offload flag
Description
Set a simple configuration with DUT0 as an intermediary between DUT1
and DUT2. Initiate a ssh connection from DUT1 to DUT2
and check that default and offload fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth1 address 192.168.200.1/24 set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Set the following configuration in DUT2 :
set interfaces ethernet eth0 address 192.168.200.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.200.1 set service ssh set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.555 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.555/0.555/0.555/0.000 ms
Step 5: Ping IP address 192.168.200.1 from DUT2:
admin@DUT2$ ping 192.168.200.1 count 1 size 56 timeout 1Show output
PING 192.168.200.1 (192.168.200.1) 56(84) bytes of data. 64 bytes from 192.168.200.1: icmp_seq=1 ttl=64 time=0.330 ms --- 192.168.200.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.330/0.330/0.330/0.000 ms
Step 6: Init an SSH connection from DUT1 to IP address 192.168.200.2 with the user admin:
admin@DUT1$ ssh admin@192.168.200.2 option StrictHostKeyChecking=no option UserKnownHostsFile=/dev/nullShow output
Warning: Permanently added '192.168.200.2' (ECDSA) to the list of known hosts. admin@192.168.200.2's password: Welcome to Teldat OSDx v4.2.7.3 This system includes free software. Contact Teldat for licenses information and source code. Last login: Mon Apr 6 16:27:32 2026 from 10.2.0.3 admin@osdx$
Step 7: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*\[OFFLOAD\]Show output
Apr 06 16:50:28.333122 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.9M, max 13.8M, 11.8M free. Apr 06 16:50:28.335470 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:28.335544 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:28.343759 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:28.551260 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:28.795483 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:28.868215 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 192.168.200.1/24'. Apr 06 16:50:28.946415 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:50:28.996677 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:50:29.099973 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:29.161223 osdx ubnt-cfgd[9473]: inactive Apr 06 16:50:29.180724 osdx INFO[9479]: FRR daemons did not change Apr 06 16:50:29.248158 osdx WARNING[9550]: No supported link modes on interface eth1 Apr 06 16:50:29.249445 osdx modulelauncher[9550]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on Apr 06 16:50:29.249460 osdx modulelauncher[9550]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. Apr 06 16:50:29.250543 osdx modulelauncher[9550]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:29.250549 osdx modulelauncher[9550]: Command '/sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:29.315086 osdx WARNING[9629]: No supported link modes on interface eth0 Apr 06 16:50:29.316409 osdx modulelauncher[9629]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:50:29.316425 osdx modulelauncher[9629]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:50:29.317547 osdx modulelauncher[9629]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:29.317555 osdx modulelauncher[9629]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:29.399802 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:29.400676 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:29.400838 osdx ulogd[9655]: registering plugin `NFCT' Apr 06 16:50:29.401056 osdx ulogd[9655]: registering plugin `IP2STR' Apr 06 16:50:29.401103 osdx ulogd[9655]: registering plugin `PRINTFLOW' Apr 06 16:50:29.401196 osdx ulogd[9655]: registering plugin `SYSLOG' Apr 06 16:50:29.401207 osdx ulogd[9655]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:29.401258 osdx ulogd[9655]: NFCT plugin working in event mode Apr 06 16:50:29.401268 osdx ulogd[9655]: Changing UID / GID Apr 06 16:50:29.401353 osdx ulogd[9655]: initialization finished, entering main loop Apr 06 16:50:29.401851 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:29.413015 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:29.430265 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:31.071062 osdx ulogd[9655]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:31.071081 osdx ulogd[9655]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:31.142899 osdx ulogd[9655]: [NEW] ORIG: SRC=192.168.200.2 DST=192.168.200.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.1 DST=192.168.200.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:31.142918 osdx ulogd[9655]: [UPDATE] ORIG: SRC=192.168.200.2 DST=192.168.200.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.1 DST=192.168.200.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:31.210362 osdx ulogd[9655]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=54572 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=54572 PKTS=0 BYTES=0 Apr 06 16:50:31.210498 osdx ulogd[9655]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=54572 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=54572 PKTS=0 BYTES=0 Apr 06 16:50:31.210586 osdx ulogd[9655]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=54572 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=54572 PKTS=0 BYTES=0 [OFFLOAD] Apr 06 16:50:31.487866 osdx ulogd[9655]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=54572 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=54572 PKTS=0 BYTES=0 Apr 06 16:50:31.489778 osdx ulogd[9655]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=54572 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=54572 PKTS=0 BYTES=0 Apr 06 16:50:31.489913 osdx ulogd[9655]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=54572 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=54572 PKTS=0 BYTES=0 [OFFLOAD]
App detect logging
Description
Set a simple configuration enabling app detection in system conntrack, send a ping command from DUT1
and check app detect field appears when running system journal show. After that, enabling app detection
in system conntrack for http host, try to copy index.html from a http server
and check that the app detect field appears and belongs to the http server when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack app-detect set system conntrack logging events all set system conntrack timeout icmp 1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.343 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.343/0.343/0.343/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 3 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.245 ms 64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.296 ms 64 bytes from 192.168.100.1: icmp_seq=3 ttl=64 time=0.311 ms --- 192.168.100.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2056ms rtt min/avg/max/mdev = 0.245/0.284/0.311/0.028 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[NEW\].*APPDETECT\[L3:1\]Show output
Apr 06 16:50:36.284042 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:50:36.284469 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:36.284500 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:36.295504 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:36.498131 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:36.749795 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:36.805208 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. Apr 06 16:50:36.904849 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Apr 06 16:50:37.020013 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:50:37.071196 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:50:37.162868 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:37.220093 osdx ubnt-cfgd[9879]: inactive Apr 06 16:50:37.236778 osdx INFO[9885]: FRR daemons did not change Apr 06 16:50:37.372471 osdx kernel: app-detect: module init Apr 06 16:50:37.372547 osdx kernel: app-detect: registered: sysctl net.appdetect Apr 06 16:50:37.372563 osdx kernel: app-detect: expression init Apr 06 16:50:37.372580 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Apr 06 16:50:37.372592 osdx kernel: app-detect: appid cache changes counter set appid_changes_count found (klen=4, dlen=4) Apr 06 16:50:37.379758 osdx modulelauncher[9888]: AppDetect: no appdetect_chain refresh needed, nothing more to do Apr 06 16:50:37.452034 osdx WARNING[9981]: No supported link modes on interface eth0 Apr 06 16:50:37.453357 osdx modulelauncher[9981]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:50:37.453372 osdx modulelauncher[9981]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:50:37.454452 osdx modulelauncher[9981]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:37.454462 osdx modulelauncher[9981]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:37.520750 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:37.521463 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:37.521622 osdx ulogd[10006]: registering plugin `NFCT' Apr 06 16:50:37.521827 osdx ulogd[10006]: registering plugin `IP2STR' Apr 06 16:50:37.521880 osdx ulogd[10006]: registering plugin `PRINTFLOW' Apr 06 16:50:37.521933 osdx ulogd[10006]: registering plugin `SYSLOG' Apr 06 16:50:37.521939 osdx ulogd[10006]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:37.521995 osdx ulogd[10006]: NFCT plugin working in event mode Apr 06 16:50:37.522035 osdx ulogd[10006]: Changing UID / GID Apr 06 16:50:37.522117 osdx ulogd[10006]: initialization finished, entering main loop Apr 06 16:50:37.522635 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:37.535412 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:37.556478 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:38.313602 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.313624 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.384525 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.384548 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:39.416525 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:39.416555 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:39.416571 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.440515 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:40.440539 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.440554 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1]
Step 6: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[UPDATE\].*APPDETECT\[L3:1\]Show output
Apr 06 16:50:36.284042 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:50:36.284469 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:36.284500 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:36.295504 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:36.498131 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:36.749795 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:36.805208 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. Apr 06 16:50:36.904849 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Apr 06 16:50:37.020013 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:50:37.071196 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:50:37.162868 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:37.220093 osdx ubnt-cfgd[9879]: inactive Apr 06 16:50:37.236778 osdx INFO[9885]: FRR daemons did not change Apr 06 16:50:37.372471 osdx kernel: app-detect: module init Apr 06 16:50:37.372547 osdx kernel: app-detect: registered: sysctl net.appdetect Apr 06 16:50:37.372563 osdx kernel: app-detect: expression init Apr 06 16:50:37.372580 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Apr 06 16:50:37.372592 osdx kernel: app-detect: appid cache changes counter set appid_changes_count found (klen=4, dlen=4) Apr 06 16:50:37.379758 osdx modulelauncher[9888]: AppDetect: no appdetect_chain refresh needed, nothing more to do Apr 06 16:50:37.452034 osdx WARNING[9981]: No supported link modes on interface eth0 Apr 06 16:50:37.453357 osdx modulelauncher[9981]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:50:37.453372 osdx modulelauncher[9981]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:50:37.454452 osdx modulelauncher[9981]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:37.454462 osdx modulelauncher[9981]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:37.520750 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:37.521463 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:37.521622 osdx ulogd[10006]: registering plugin `NFCT' Apr 06 16:50:37.521827 osdx ulogd[10006]: registering plugin `IP2STR' Apr 06 16:50:37.521880 osdx ulogd[10006]: registering plugin `PRINTFLOW' Apr 06 16:50:37.521933 osdx ulogd[10006]: registering plugin `SYSLOG' Apr 06 16:50:37.521939 osdx ulogd[10006]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:37.521995 osdx ulogd[10006]: NFCT plugin working in event mode Apr 06 16:50:37.522035 osdx ulogd[10006]: Changing UID / GID Apr 06 16:50:37.522117 osdx ulogd[10006]: initialization finished, entering main loop Apr 06 16:50:37.522635 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:37.535412 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:37.556478 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:38.313602 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.313624 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.384525 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.384548 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:39.416525 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:39.416555 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:39.416571 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.440515 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:40.440539 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.440554 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.547490 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal show | cat'.
Step 7: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[DESTROY\].*APPDETECT\[L3:1\]Show output
Apr 06 16:50:36.284042 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:50:36.284469 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:36.284500 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:36.295504 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:36.498131 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:36.749795 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:36.805208 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. Apr 06 16:50:36.904849 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Apr 06 16:50:37.020013 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:50:37.071196 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:50:37.162868 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:37.220093 osdx ubnt-cfgd[9879]: inactive Apr 06 16:50:37.236778 osdx INFO[9885]: FRR daemons did not change Apr 06 16:50:37.372471 osdx kernel: app-detect: module init Apr 06 16:50:37.372547 osdx kernel: app-detect: registered: sysctl net.appdetect Apr 06 16:50:37.372563 osdx kernel: app-detect: expression init Apr 06 16:50:37.372580 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Apr 06 16:50:37.372592 osdx kernel: app-detect: appid cache changes counter set appid_changes_count found (klen=4, dlen=4) Apr 06 16:50:37.379758 osdx modulelauncher[9888]: AppDetect: no appdetect_chain refresh needed, nothing more to do Apr 06 16:50:37.452034 osdx WARNING[9981]: No supported link modes on interface eth0 Apr 06 16:50:37.453357 osdx modulelauncher[9981]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:50:37.453372 osdx modulelauncher[9981]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:50:37.454452 osdx modulelauncher[9981]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:37.454462 osdx modulelauncher[9981]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:37.520750 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:37.521463 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:37.521622 osdx ulogd[10006]: registering plugin `NFCT' Apr 06 16:50:37.521827 osdx ulogd[10006]: registering plugin `IP2STR' Apr 06 16:50:37.521880 osdx ulogd[10006]: registering plugin `PRINTFLOW' Apr 06 16:50:37.521933 osdx ulogd[10006]: registering plugin `SYSLOG' Apr 06 16:50:37.521939 osdx ulogd[10006]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:37.521995 osdx ulogd[10006]: NFCT plugin working in event mode Apr 06 16:50:37.522035 osdx ulogd[10006]: Changing UID / GID Apr 06 16:50:37.522117 osdx ulogd[10006]: initialization finished, entering main loop Apr 06 16:50:37.522635 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:37.535412 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:37.556478 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:38.313602 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.313624 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.384525 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.384548 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:39.416525 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:39.416555 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:39.416571 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.440515 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:40.440539 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.440554 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.547490 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal show | cat'. Apr 06 16:50:40.670520 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal show | cat'.
Step 8: Modify the following configuration lines in DUT0 :
set interfaces ethernet eth1 address 10.215.168.64/24 set system conntrack app-detect http-host
Step 9: Ping IP address 10.215.168.1 from DUT0:
admin@DUT0$ ping 10.215.168.1 count 1 size 56 timeout 1Show output
PING 10.215.168.1 (10.215.168.1) 56(84) bytes of data. 64 bytes from 10.215.168.1: icmp_seq=1 ttl=64 time=0.245 ms --- 10.215.168.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.245/0.245/0.245/0.000 ms
Step 10: Run command file copy http://10.215.168.1/~robot/ running://index.html at DUT0 and expect this output:
Show output
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 4586 0 4586 0 0 157k 0 --:--:-- --:--:-- --:--:-- 159k
Step 11: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*APPDETECT\[L4:80 http-host:10.215.168.1\]Show output
Apr 06 16:50:36.284042 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:50:36.284469 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:36.284500 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:36.295504 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:36.498131 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:36.749795 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:36.805208 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. Apr 06 16:50:36.904849 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Apr 06 16:50:37.020013 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:50:37.071196 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:50:37.162868 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:37.220093 osdx ubnt-cfgd[9879]: inactive Apr 06 16:50:37.236778 osdx INFO[9885]: FRR daemons did not change Apr 06 16:50:37.372471 osdx kernel: app-detect: module init Apr 06 16:50:37.372547 osdx kernel: app-detect: registered: sysctl net.appdetect Apr 06 16:50:37.372563 osdx kernel: app-detect: expression init Apr 06 16:50:37.372580 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Apr 06 16:50:37.372592 osdx kernel: app-detect: appid cache changes counter set appid_changes_count found (klen=4, dlen=4) Apr 06 16:50:37.379758 osdx modulelauncher[9888]: AppDetect: no appdetect_chain refresh needed, nothing more to do Apr 06 16:50:37.452034 osdx WARNING[9981]: No supported link modes on interface eth0 Apr 06 16:50:37.453357 osdx modulelauncher[9981]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:50:37.453372 osdx modulelauncher[9981]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:50:37.454452 osdx modulelauncher[9981]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:37.454462 osdx modulelauncher[9981]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:37.520750 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:37.521463 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:37.521622 osdx ulogd[10006]: registering plugin `NFCT' Apr 06 16:50:37.521827 osdx ulogd[10006]: registering plugin `IP2STR' Apr 06 16:50:37.521880 osdx ulogd[10006]: registering plugin `PRINTFLOW' Apr 06 16:50:37.521933 osdx ulogd[10006]: registering plugin `SYSLOG' Apr 06 16:50:37.521939 osdx ulogd[10006]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:37.521995 osdx ulogd[10006]: NFCT plugin working in event mode Apr 06 16:50:37.522035 osdx ulogd[10006]: Changing UID / GID Apr 06 16:50:37.522117 osdx ulogd[10006]: initialization finished, entering main loop Apr 06 16:50:37.522635 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:37.535412 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:37.556478 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:38.313602 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.313624 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.384525 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:38.384548 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:39.416525 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:39.416555 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:39.416571 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.440515 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:40.440539 osdx ulogd[10006]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.440554 osdx ulogd[10006]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:40.547490 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal show | cat'. Apr 06 16:50:40.670520 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal show | cat'. Apr 06 16:50:40.784256 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal show | cat'. Apr 06 16:50:40.979337 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:41.090042 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 10.215.168.64/24'. Apr 06 16:50:41.163803 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack app-detect http-host'. Apr 06 16:50:41.223125 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show changes'. Apr 06 16:50:41.322175 osdx ubnt-cfgd[10057]: inactive Apr 06 16:50:41.343932 osdx INFO[10063]: FRR daemons did not change Apr 06 16:50:41.368474 osdx kernel: app-detect: expression destroy Apr 06 16:50:41.376466 osdx kernel: app-detect: expression init Apr 06 16:50:41.376521 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Apr 06 16:50:41.376533 osdx kernel: app-detect: appid cache changes counter set appid_changes_count found (klen=4, dlen=4) Apr 06 16:50:41.382717 osdx modulelauncher[10066]: AppDetect: no appdetect_chain refresh needed, nothing more to do Apr 06 16:50:41.454101 osdx WARNING[10146]: No supported link modes on interface eth1 Apr 06 16:50:41.455687 osdx modulelauncher[10146]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on Apr 06 16:50:41.455699 osdx modulelauncher[10146]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. Apr 06 16:50:41.457106 osdx modulelauncher[10146]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:41.457113 osdx modulelauncher[10146]: Command '/sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:41.468622 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:41.478739 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:41.478762 osdx ulogd[10006]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Apr 06 16:50:41.479423 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:41.494546 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:41.635362 osdx ulogd[10006]: [NEW] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:41.637047 osdx ulogd[10006]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Apr 06 16:50:41.637264 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Apr 06 16:50:41.782820 osdx file_operation[10200]: using src url: http://10.215.168.1/~robot/ dst url: running://index.html Apr 06 16:50:41.787364 osdx ulogd[10006]: [NEW] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=53976 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=53976 PKTS=0 BYTES=0 APPDETECT[L4:80] Apr 06 16:50:41.787491 osdx ulogd[10006]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=53976 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=53976 PKTS=0 BYTES=0 APPDETECT[L4:80] Apr 06 16:50:41.787508 osdx ulogd[10006]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=53976 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=53976 PKTS=0 BYTES=0 APPDETECT[L4:80] Apr 06 16:50:41.813375 osdx ulogd[10006]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=53976 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=53976 PKTS=0 BYTES=0 APPDETECT[L4:80 http-host:10.215.168.1] Apr 06 16:50:41.813459 osdx ulogd[10006]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=53976 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=53976 PKTS=0 BYTES=0 APPDETECT[L4:80 http-host:10.215.168.1] Apr 06 16:50:41.813486 osdx ulogd[10006]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=53976 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=53976 PKTS=0 BYTES=0 APPDETECT[L4:80 http-host:10.215.168.1] Apr 06 16:50:41.834684 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'file copy http://10.215.168.1/~robot/ running://index.html'.
App Detect Drop Packet
Description
Set a traffic policy with action drop for all the packets matching an appid specified by a traffic selector.
Enable http-host and http-url option in system conntrack appdetect path in order to see relevant information about http packets.
Finnally, log that packets with app-id option and check that appdetect field appear in journal when
running system journal show
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth1 address 10.215.168.64/24 set interfaces ethernet eth1 traffic policy out DROP set system conntrack app-detect dictionary 130 custom app-id 155 fqdn 10.215.168.1 set system conntrack app-detect enable_dict_match_priv_ip set system conntrack app-detect http-host set system conntrack app-detect http-url set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy DROP rule 1 action drop set traffic policy DROP rule 1 log app-id set traffic policy DROP rule 1 selector APPID set traffic selector APPID rule 1 app-id custom 155
Step 2: Ping IP address 10.215.168.1 from DUT0:
admin@DUT0$ ping 10.215.168.1 count 1 size 56 timeout 1Show output
PING 10.215.168.1 (10.215.168.1) 56(84) bytes of data. 64 bytes from 10.215.168.1: icmp_seq=1 ttl=64 time=0.210 ms --- 10.215.168.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.210/0.210/0.210/0.000 ms
Step 3: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
osdx kernel:.*APPDETECT\[U6:155 http-url:/~robot/ http-host:10.215.168.1\]Show output
Apr 06 16:50:46.289755 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:50:46.292331 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:46.292398 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:46.300286 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:46.508350 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:46.749382 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:46.810436 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack app-detect dictionary 130 custom app-id 155 fqdn 10.215.168.1'. Apr 06 16:50:46.898934 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack app-detect enable_dict_match_priv_ip'. Apr 06 16:50:46.950472 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack app-detect http-url'. Apr 06 16:50:47.064378 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set traffic selector APPID rule 1 app-id custom 155'. Apr 06 16:50:47.134238 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set traffic policy DROP rule 1 selector APPID'. Apr 06 16:50:47.223959 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set traffic policy DROP rule 1 action drop'. Apr 06 16:50:47.277143 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set traffic policy DROP rule 1 log app-id'. Apr 06 16:50:47.394087 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 traffic policy out DROP'. Apr 06 16:50:47.444062 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 10.215.168.64/24'. Apr 06 16:50:47.552007 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack app-detect http-host'. Apr 06 16:50:47.638831 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:47.726944 osdx ubnt-cfgd[10428]: inactive Apr 06 16:50:47.780709 osdx INFO[10452]: FRR daemons did not change Apr 06 16:50:47.964366 osdx kernel: app-detect: module init Apr 06 16:50:47.964508 osdx kernel: app-detect: registered: sysctl net.appdetect Apr 06 16:50:47.964541 osdx kernel: app-detect: expression init Apr 06 16:50:47.964554 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Apr 06 16:50:47.964566 osdx kernel: app-detect: appid cache changes counter set appid_changes_count found (klen=4, dlen=4) Apr 06 16:50:48.057482 osdx WARNING[10553]: No supported link modes on interface eth1 Apr 06 16:50:48.058758 osdx modulelauncher[10553]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on Apr 06 16:50:48.058770 osdx modulelauncher[10553]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. Apr 06 16:50:48.059876 osdx modulelauncher[10553]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:48.059885 osdx modulelauncher[10553]: Command '/sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:48.483266 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:48.494282 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:48.509826 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:48.653923 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Apr 06 16:50:48.789661 osdx file_operation[10636]: using src url: http://10.215.168.1/~robot/ dst url: running://index.html Apr 06 16:50:48.796328 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13426 DF PROTO=TCP SPT=53988 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Apr 06 16:50:49.000347 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13427 DF PROTO=TCP SPT=53988 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Apr 06 16:50:49.412383 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13428 DF PROTO=TCP SPT=53988 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Apr 06 16:50:50.244365 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13429 DF PROTO=TCP SPT=53988 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Apr 06 16:50:51.790886 osdx file_operation.py[10636]: Operation aborted by user. Apr 06 16:50:51.800329 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13430 DF PROTO=TCP SPT=53988 DPT=80 WINDOW=502 RES=0x00 ACK PSH FIN URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Apr 06 16:50:51.805852 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'file copy http://10.215.168.1/~robot/ running://index.html'.
Identity Values
Description
Conntrack identity is able to contain any printed character (max 92 characters) but not spaces
Scenario
Step 1: Run command configure at DUT0 and expect this output:
Show output
admin@osdx#
Step 2: Run command set system conntrack logging identity "he||o w@rld!" at DUT0 and check if output contains the following tokens:
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character classShow output
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed CLI Error: Command error
Step 3: Run command set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-amet-vita at DUT0 and check if output contains the following tokens:
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character classShow output
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed CLI Error: Command error
Step 4: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events all set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 5: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 6: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.393 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.393/0.393/0.393/0.000 ms
Step 7: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.212 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.212/0.212/0.212/0.000 ms
Step 8: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
Apr 06 16:50:56.308656 osdx systemd-journald[1874]: Runtime Journal (/run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1) is 1.8M, max 13.8M, 11.9M free. Apr 06 16:50:56.310661 osdx systemd-journald[1874]: Received client request to rotate journal, rotating. Apr 06 16:50:56.310714 osdx systemd-journald[1874]: Vacuuming done, freed 0B of archived journals from /run/log/journal/293dc2aea1d64ce28b6190ec5d49ceb1. Apr 06 16:50:56.318061 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system journal clear'. Apr 06 16:50:56.551025 osdx OSDxCLI[5658]: User 'admin' executed a new command: 'system coredump delete all'. Apr 06 16:50:56.805156 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:56.877066 osdx cfgd[1668]: [5658]Command output: Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed Apr 06 16:50:56.878183 osdx OSDxCLI[5658]: User 'admin' entered an invalid command: 'set system conntrack logging identity "he||o w@rld!"'. Apr 06 16:50:56.986775 osdx cfgd[1668]: [5658]Command output: Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed Apr 06 16:50:56.987925 osdx OSDxCLI[5658]: User 'admin' entered an invalid command: 'set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-amet-vita'. Apr 06 16:50:57.014986 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:57.189885 osdx OSDxCLI[5658]: User 'admin' entered the configuration menu. Apr 06 16:50:57.274302 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Apr 06 16:50:57.358837 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Apr 06 16:50:57.415839 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit'. Apr 06 16:50:57.515991 osdx OSDxCLI[5658]: User 'admin' added a new cfg line: 'show working'. Apr 06 16:50:57.574602 osdx ubnt-cfgd[10833]: inactive Apr 06 16:50:57.592009 osdx INFO[10839]: FRR daemons did not change Apr 06 16:50:57.657776 osdx WARNING[10910]: No supported link modes on interface eth0 Apr 06 16:50:57.659369 osdx modulelauncher[10910]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Apr 06 16:50:57.659382 osdx modulelauncher[10910]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Apr 06 16:50:57.660535 osdx modulelauncher[10910]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- Apr 06 16:50:57.660545 osdx modulelauncher[10910]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. Apr 06 16:50:57.715059 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Apr 06 16:50:57.715688 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Apr 06 16:50:57.715790 osdx ulogd[10935]: registering plugin `NFCT' Apr 06 16:50:57.715829 osdx ulogd[10935]: registering plugin `IP2STR' Apr 06 16:50:57.715865 osdx ulogd[10935]: registering plugin `PRINTFLOW' Apr 06 16:50:57.715909 osdx ulogd[10935]: registering plugin `SYSLOG' Apr 06 16:50:57.715912 osdx ulogd[10935]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Apr 06 16:50:57.715952 osdx ulogd[10935]: NFCT plugin working in event mode Apr 06 16:50:57.715959 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10935]: Changing UID / GID Apr 06 16:50:57.716024 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10935]: initialization finished, entering main loop Apr 06 16:50:57.716931 osdx cfgd[1668]: [5658]Completed change to active configuration Apr 06 16:50:57.728243 osdx OSDxCLI[5658]: User 'admin' committed the configuration. Apr 06 16:50:57.744307 osdx OSDxCLI[5658]: User 'admin' left the configuration menu. Apr 06 16:50:58.503342 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10935]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:58.503361 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10935]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:58.582831 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10935]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Apr 06 16:50:58.582849 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10935]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0