Logging
The following scenarios show how to configure the conntrack logging option with different traffic policies and services enabled, in order to check that all fields are displayed correctly and all events are captured.
New events
Description
Check NEW sessions events are captured
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events new set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.681 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.681/0.681/0.681/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.733 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.733/0.733/0.733/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[NEW\].*SRC=192.168.100.2Show output
Mar 23 07:01:37.294039 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 12.0M free. Mar 23 07:01:37.297531 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:01:37.297605 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:01:37.305778 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:01:37.515796 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:01:37.745422 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:01:37.836036 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:01:37.927126 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events new'. Mar 23 07:01:38.035384 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:01:38.097015 osdx ubnt-cfgd[5495]: inactive Mar 23 07:01:38.118856 osdx INFO[5501]: FRR daemons did not change Mar 23 07:01:38.206143 osdx WARNING[5573]: No supported link modes on interface eth0 Mar 23 07:01:38.207713 osdx modulelauncher[5573]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:01:38.207726 osdx modulelauncher[5573]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:01:38.208972 osdx modulelauncher[5573]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:01:38.208983 osdx modulelauncher[5573]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:01:38.266429 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:01:38.270217 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:01:38.272645 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:01:38.272983 osdx ulogd[5598]: registering plugin `NFCT' Mar 23 07:01:38.274658 osdx ulogd[5598]: registering plugin `IP2STR' Mar 23 07:01:38.274750 osdx ulogd[5598]: registering plugin `PRINTFLOW' Mar 23 07:01:38.276075 osdx ulogd[5598]: registering plugin `SYSLOG' Mar 23 07:01:38.276084 osdx ulogd[5598]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:01:38.276148 osdx ulogd[5598]: NFCT plugin working in event mode Mar 23 07:01:38.276171 osdx ulogd[5598]: Changing UID / GID Mar 23 07:01:38.276267 osdx ulogd[5598]: initialization finished, entering main loop Mar 23 07:01:38.284970 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:01:38.302067 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:01:39.383000 osdx ulogd[5598]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:01:39.515490 osdx ulogd[5598]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Update events
Description
Check UPDATE sessions events are captured
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events update set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.751 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.751/0.751/0.751/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.649 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.649/0.649/0.649/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[UPDATE\].*SRC=192.168.100.2Show output
Mar 23 07:01:44.317509 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 12.0M free. Mar 23 07:01:44.320167 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:01:44.320241 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:01:44.329879 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:01:44.553124 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:01:44.806635 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:01:44.900703 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:01:44.954621 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events update'. Mar 23 07:01:45.061828 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:01:45.123435 osdx ubnt-cfgd[5798]: inactive Mar 23 07:01:45.142483 osdx INFO[5804]: FRR daemons did not change Mar 23 07:01:45.227012 osdx WARNING[5876]: No supported link modes on interface eth0 Mar 23 07:01:45.228462 osdx modulelauncher[5876]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:01:45.228475 osdx modulelauncher[5876]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:01:45.229648 osdx modulelauncher[5876]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:01:45.229658 osdx modulelauncher[5876]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:01:45.276526 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:01:45.277403 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:01:45.277600 osdx ulogd[5901]: registering plugin `NFCT' Mar 23 07:01:45.277649 osdx ulogd[5901]: registering plugin `IP2STR' Mar 23 07:01:45.277691 osdx ulogd[5901]: registering plugin `PRINTFLOW' Mar 23 07:01:45.277740 osdx ulogd[5901]: registering plugin `SYSLOG' Mar 23 07:01:45.277744 osdx ulogd[5901]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:01:45.277795 osdx ulogd[5901]: NFCT plugin working in event mode Mar 23 07:01:45.277810 osdx ulogd[5901]: Changing UID / GID Mar 23 07:01:45.277893 osdx ulogd[5901]: initialization finished, entering main loop Mar 23 07:01:45.279076 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:01:45.293828 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:01:45.309261 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:01:46.198094 osdx ulogd[5901]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:01:46.311926 osdx ulogd[5901]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Destroy events
Description
Check DESTROY sessions events are captured
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set service ssh set system conntrack logging events destroy set system conntrack timeout icmp 1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.703 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.703/0.703/0.703/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 3 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.634 ms 64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.304 ms 64 bytes from 192.168.100.1: icmp_seq=3 ttl=64 time=0.330 ms --- 192.168.100.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2053ms rtt min/avg/max/mdev = 0.304/0.422/0.634/0.149 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[DESTROY\].*SRC=192.168.100.2Show output
Mar 23 07:01:51.271798 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:01:51.272263 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:01:51.272306 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:01:51.281715 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:01:51.503007 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:01:51.763388 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:01:51.856280 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:01:51.918060 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events destroy'. Mar 23 07:01:52.040271 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Mar 23 07:01:52.097716 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set service ssh'. Mar 23 07:01:52.245660 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:01:52.315292 osdx ubnt-cfgd[6103]: inactive Mar 23 07:01:52.390940 osdx INFO[6124]: FRR daemons did not change Mar 23 07:01:52.476907 osdx WARNING[6198]: No supported link modes on interface eth0 Mar 23 07:01:52.478704 osdx modulelauncher[6198]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:01:52.478720 osdx modulelauncher[6198]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:01:52.480342 osdx modulelauncher[6198]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:01:52.480354 osdx modulelauncher[6198]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:01:52.524459 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:01:52.525320 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:01:52.525482 osdx ulogd[6223]: registering plugin `NFCT' Mar 23 07:01:52.525527 osdx ulogd[6223]: registering plugin `IP2STR' Mar 23 07:01:52.525566 osdx ulogd[6223]: registering plugin `PRINTFLOW' Mar 23 07:01:52.525618 osdx ulogd[6223]: registering plugin `SYSLOG' Mar 23 07:01:52.525622 osdx ulogd[6223]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:01:52.525672 osdx ulogd[6223]: NFCT plugin working in event mode Mar 23 07:01:52.525681 osdx ulogd[6223]: Changing UID / GID Mar 23 07:01:52.525766 osdx ulogd[6223]: initialization finished, entering main loop Mar 23 07:01:52.568834 osdx systemd[1]: Starting ssh.service - OpenBSD Secure Shell server... Mar 23 07:01:52.579675 osdx sshd[6244]: Server listening on 0.0.0.0 port 22. Mar 23 07:01:52.579700 osdx sshd[6244]: Server listening on :: port 22. Mar 23 07:01:52.579784 osdx systemd[1]: Started ssh.service - OpenBSD Secure Shell server. Mar 23 07:01:52.580700 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:01:52.594380 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:01:52.621522 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:01:54.706590 osdx ulogd[6223]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 Mar 23 07:01:55.730623 osdx ulogd[6223]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84
Default logging
Description
Set a simple configuration, send a ping command from one device to other
and check that default fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.783 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.783/0.783/0.783/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.410 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.410/0.410/0.410/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
Mar 23 07:02:03.278571 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:02:03.280139 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:03.280187 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:03.287928 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:03.496482 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:03.709807 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:03.801670 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:03.870141 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:03.985128 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:04.056257 osdx ubnt-cfgd[6470]: inactive Mar 23 07:02:04.074167 osdx INFO[6476]: FRR daemons did not change Mar 23 07:02:04.153170 osdx WARNING[6548]: No supported link modes on interface eth0 Mar 23 07:02:04.154816 osdx modulelauncher[6548]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:04.154829 osdx modulelauncher[6548]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:04.156257 osdx modulelauncher[6548]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:04.156266 osdx modulelauncher[6548]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:04.196527 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:04.197414 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:04.197673 osdx ulogd[6573]: registering plugin `NFCT' Mar 23 07:02:04.197724 osdx ulogd[6573]: registering plugin `IP2STR' Mar 23 07:02:04.197859 osdx ulogd[6573]: registering plugin `PRINTFLOW' Mar 23 07:02:04.197961 osdx ulogd[6573]: registering plugin `SYSLOG' Mar 23 07:02:04.197966 osdx ulogd[6573]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:04.198044 osdx ulogd[6573]: NFCT plugin working in event mode Mar 23 07:02:04.198057 osdx ulogd[6573]: Changing UID / GID Mar 23 07:02:04.198143 osdx ulogd[6573]: initialization finished, entering main loop Mar 23 07:02:04.199145 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:04.210689 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:04.234347 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:05.078685 osdx ulogd[6573]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:05.078710 osdx ulogd[6573]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:05.218069 osdx ulogd[6573]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:05.218093 osdx ulogd[6573]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Identity logging
Description
Set a simple configuration with identity OSDx_DUT0 for logs entries, send a ping command from one device to other
and check that the identity has changed when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events all set system conntrack logging identity OSDx_DUT0 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.564 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.564/0.564/0.564/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.701 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.701/0.701/0.701/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
OSDx_DUT0\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
Mar 23 07:02:09.307738 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:02:09.308321 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:09.308361 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:09.319257 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:09.529736 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:09.737029 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:09.828705 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:09.929101 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:10.057696 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging identity OSDx_DUT0'. Mar 23 07:02:10.181197 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:10.243962 osdx ubnt-cfgd[6774]: inactive Mar 23 07:02:10.263199 osdx INFO[6780]: FRR daemons did not change Mar 23 07:02:10.343316 osdx WARNING[6852]: No supported link modes on interface eth0 Mar 23 07:02:10.345050 osdx modulelauncher[6852]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:10.345062 osdx modulelauncher[6852]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:10.346260 osdx modulelauncher[6852]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:10.346268 osdx modulelauncher[6852]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:10.384618 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:10.385371 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:10.385545 osdx ulogd[6877]: registering plugin `NFCT' Mar 23 07:02:10.385592 osdx ulogd[6877]: registering plugin `IP2STR' Mar 23 07:02:10.385633 osdx ulogd[6877]: registering plugin `PRINTFLOW' Mar 23 07:02:10.385680 osdx ulogd[6877]: registering plugin `SYSLOG' Mar 23 07:02:10.385684 osdx ulogd[6877]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:10.385732 osdx ulogd[6877]: NFCT plugin working in event mode Mar 23 07:02:10.385742 osdx OSDx_DUT0[6877]: Changing UID / GID Mar 23 07:02:10.385823 osdx OSDx_DUT0[6877]: initialization finished, entering main loop Mar 23 07:02:10.386852 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:10.398309 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:10.427280 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:11.353059 osdx OSDx_DUT0[6877]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:11.353083 osdx OSDx_DUT0[6877]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:11.453112 osdx OSDx_DUT0[6877]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:11.453136 osdx OSDx_DUT0[6877]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Note
If the identity is not provided, “ulogd” will be used by default.
Step 6: Modify the following configuration lines in DUT0 :
delete system conntrack logging identity
Step 7: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.281 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.281/0.281/0.281/0.000 ms
Step 8: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
Mar 23 07:02:09.307738 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:02:09.308321 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:09.308361 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:09.319257 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:09.529736 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:09.737029 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:09.828705 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:09.929101 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:10.057696 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging identity OSDx_DUT0'. Mar 23 07:02:10.181197 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:10.243962 osdx ubnt-cfgd[6774]: inactive Mar 23 07:02:10.263199 osdx INFO[6780]: FRR daemons did not change Mar 23 07:02:10.343316 osdx WARNING[6852]: No supported link modes on interface eth0 Mar 23 07:02:10.345050 osdx modulelauncher[6852]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:10.345062 osdx modulelauncher[6852]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:10.346260 osdx modulelauncher[6852]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:10.346268 osdx modulelauncher[6852]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:10.384618 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:10.385371 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:10.385545 osdx ulogd[6877]: registering plugin `NFCT' Mar 23 07:02:10.385592 osdx ulogd[6877]: registering plugin `IP2STR' Mar 23 07:02:10.385633 osdx ulogd[6877]: registering plugin `PRINTFLOW' Mar 23 07:02:10.385680 osdx ulogd[6877]: registering plugin `SYSLOG' Mar 23 07:02:10.385684 osdx ulogd[6877]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:10.385732 osdx ulogd[6877]: NFCT plugin working in event mode Mar 23 07:02:10.385742 osdx OSDx_DUT0[6877]: Changing UID / GID Mar 23 07:02:10.385823 osdx OSDx_DUT0[6877]: initialization finished, entering main loop Mar 23 07:02:10.386852 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:10.398309 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:10.427280 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:11.353059 osdx OSDx_DUT0[6877]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:11.353083 osdx OSDx_DUT0[6877]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:11.453112 osdx OSDx_DUT0[6877]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:11.453136 osdx OSDx_DUT0[6877]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:11.556638 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal show | cat'. Mar 23 07:02:11.708606 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:11.766408 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'delete system conntrack logging identity'. Mar 23 07:02:11.867416 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show changes'. Mar 23 07:02:11.926995 osdx ubnt-cfgd[6913]: inactive Mar 23 07:02:11.945426 osdx INFO[6919]: FRR daemons did not change Mar 23 07:02:11.956287 osdx OSDx_DUT0[6877]: Terminal signal received, exiting Mar 23 07:02:11.956357 osdx systemd[1]: Stopping ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:11.956693 osdx systemd[1]: ulogd2.service: Deactivated successfully. Mar 23 07:02:11.956790 osdx systemd[1]: Stopped ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:11.996691 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:11.997441 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:11.997597 osdx ulogd[6927]: registering plugin `NFCT' Mar 23 07:02:11.997645 osdx ulogd[6927]: registering plugin `IP2STR' Mar 23 07:02:11.997680 osdx ulogd[6927]: registering plugin `PRINTFLOW' Mar 23 07:02:11.997722 osdx ulogd[6927]: registering plugin `SYSLOG' Mar 23 07:02:11.997725 osdx ulogd[6927]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:11.997765 osdx ulogd[6927]: NFCT plugin working in event mode Mar 23 07:02:11.997774 osdx ulogd[6927]: Changing UID / GID Mar 23 07:02:11.997841 osdx ulogd[6927]: initialization finished, entering main loop Mar 23 07:02:11.998874 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:12.000638 osdx ulogd[6927]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 Mar 23 07:02:12.000658 osdx ulogd[6927]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 Mar 23 07:02:12.001351 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:12.035934 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:12.168743 osdx ulogd[6927]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:12.168762 osdx ulogd[6927]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Policies logging
Description
Set a simple configuration with mark and label traffic policies,
send a ping command from one device to other
and check that default, mark and label fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth0 traffic policy in POLICY set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic label TEST set traffic policy POLICY rule 1 set connmark 33 set traffic policy POLICY rule 1 set label TEST
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.863 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.863/0.863/0.863/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 2 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.306 ms 64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.318 ms --- 192.168.100.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1005ms rtt min/avg/max/mdev = 0.306/0.312/0.318/0.006 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*MARK=33.*LABELS=TESTShow output
Mar 23 07:02:17.295663 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:02:17.298385 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:17.298469 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:17.306870 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:17.527450 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:17.800208 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:17.906980 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 traffic policy in POLICY'. Mar 23 07:02:17.963074 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set traffic label TEST'. Mar 23 07:02:18.064441 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set traffic policy POLICY rule 1 set connmark 33'. Mar 23 07:02:18.117523 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set traffic policy POLICY rule 1 set label TEST'. Mar 23 07:02:18.217638 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:18.291144 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:18.424822 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:18.498458 osdx ubnt-cfgd[7107]: inactive Mar 23 07:02:18.529948 osdx INFO[7121]: FRR daemons did not change Mar 23 07:02:18.627942 osdx WARNING[7193]: No supported link modes on interface eth0 Mar 23 07:02:18.629846 osdx modulelauncher[7193]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:18.629860 osdx modulelauncher[7193]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:18.631394 osdx modulelauncher[7193]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:18.631403 osdx modulelauncher[7193]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:18.678774 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:18.679822 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:18.679958 osdx ulogd[7218]: registering plugin `NFCT' Mar 23 07:02:18.680008 osdx ulogd[7218]: registering plugin `IP2STR' Mar 23 07:02:18.680058 osdx ulogd[7218]: registering plugin `PRINTFLOW' Mar 23 07:02:18.680114 osdx ulogd[7218]: registering plugin `SYSLOG' Mar 23 07:02:18.680118 osdx ulogd[7218]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:18.680177 osdx ulogd[7218]: NFCT plugin working in event mode Mar 23 07:02:18.680188 osdx ulogd[7218]: Changing UID / GID Mar 23 07:02:18.680279 osdx ulogd[7218]: initialization finished, entering main loop Mar 23 07:02:18.691441 osdx ulogd[7218]: Terminal signal received, exiting Mar 23 07:02:18.691665 osdx systemd[1]: Stopping ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:18.691948 osdx systemd[1]: ulogd2.service: Deactivated successfully. Mar 23 07:02:18.692067 osdx systemd[1]: Stopped ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:18.693157 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:18.694215 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:18.694413 osdx ulogd[7224]: registering plugin `NFCT' Mar 23 07:02:18.694463 osdx ulogd[7224]: registering plugin `IP2STR' Mar 23 07:02:18.694515 osdx ulogd[7224]: registering plugin `PRINTFLOW' Mar 23 07:02:18.694571 osdx ulogd[7224]: registering plugin `SYSLOG' Mar 23 07:02:18.694575 osdx ulogd[7224]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:18.694624 osdx ulogd[7224]: NFCT plugin working in event mode Mar 23 07:02:18.694631 osdx ulogd[7224]: Changing UID / GID Mar 23 07:02:18.694701 osdx ulogd[7224]: initialization finished, entering main loop Mar 23 07:02:19.014383 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:19.029018 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:19.096650 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:20.061658 osdx ulogd[7224]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33 LABELS=TEST Mar 23 07:02:20.061683 osdx ulogd[7224]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33 Mar 23 07:02:20.156457 osdx ulogd[7224]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33 LABELS=TEST Mar 23 07:02:20.156482 osdx ulogd[7224]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33
VRF logging
Description
Set a simple configuration with a vrf,
send a ping command from one device to other
and check that default and vrf fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth0 vrf RED set protocols vrf RED static route 0.0.0.0/0 next-hop 192.168.100.2 set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set system vrf RED
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.582 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.582/0.582/0.582/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.293 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.293/0.293/0.293/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*VRF=REDShow output
Mar 23 07:02:25.000180 osdx systemd-timedated[2255]: Changed local time to Mon 2026-03-23 07:02:25 UTC Mar 23 07:02:25.001327 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'set date 2026-03-23 07:02:25'. Mar 23 07:02:25.001570 osdx systemd-journald[2224]: Time jumped backwards, rotating. Mar 23 07:02:25.358640 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:02:25.361581 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:25.361644 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:25.370492 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:25.584392 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:25.828648 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:25.914782 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 vrf RED'. Mar 23 07:02:25.990684 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set protocols vrf RED static route 0.0.0.0/0 next-hop 192.168.100.2'. Mar 23 07:02:26.076577 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system vrf RED'. Mar 23 07:02:26.136282 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:26.227704 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:26.323454 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:26.406102 osdx ubnt-cfgd[7478]: inactive Mar 23 07:02:26.428004 osdx INFO[7484]: FRR daemons did not change Mar 23 07:02:26.438137 osdx (udev-worker)[7494]: RED: Could not disable auto negotiation, ignoring: Operation not supported Mar 23 07:02:26.438162 osdx (udev-worker)[7494]: Network interface NamePolicy= disabled on kernel command line. Mar 23 07:02:26.524417 osdx WARNING[7577]: No supported link modes on interface eth0 Mar 23 07:02:26.525820 osdx modulelauncher[7577]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:26.525834 osdx modulelauncher[7577]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:26.527015 osdx modulelauncher[7577]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:26.527024 osdx modulelauncher[7577]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:26.633863 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:26.634644 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:26.634792 osdx ulogd[7663]: registering plugin `NFCT' Mar 23 07:02:26.635009 osdx ulogd[7663]: registering plugin `IP2STR' Mar 23 07:02:26.635054 osdx ulogd[7663]: registering plugin `PRINTFLOW' Mar 23 07:02:26.635107 osdx ulogd[7663]: registering plugin `SYSLOG' Mar 23 07:02:26.635119 osdx ulogd[7663]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:26.635175 osdx ulogd[7663]: NFCT plugin working in event mode Mar 23 07:02:26.635190 osdx ulogd[7663]: Changing UID / GID Mar 23 07:02:26.635278 osdx ulogd[7663]: initialization finished, entering main loop Mar 23 07:02:26.636600 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:26.648482 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:26.668616 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:27.562946 osdx ulogd[7663]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:27.562968 osdx ulogd[7663]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:27.653423 osdx ulogd[7663]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:27.653446 osdx ulogd[7663]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Not-Bypass logging
Description
Set a simple configuration with a firewall service,
send a ping command from one device to other
and check that default and bypass fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth1 address 10.215.168.64/24 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Ping IP address 10.215.168.1 from DUT0:
admin@DUT0$ ping 10.215.168.1 count 1 size 56 timeout 1Show output
PING 10.215.168.1 (10.215.168.1) 56(84) bytes of data. 64 bytes from 10.215.168.1: icmp_seq=1 ttl=64 time=0.253 ms --- 10.215.168.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.253/0.253/0.253/0.000 ms
Step 3: Run command file copy http://10.215.168.1/~robot/test-performance.rules running:// force at DUT0 and expect this output:
Show output
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 129 100 129 0 0 18125 0 --:--:-- --:--:-- --:--:-- 18428
Step 4: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth0 traffic policy in POLICY set interfaces ethernet eth1 address 10.215.168.64/24 set service firewall FW mode inline queue FW_Q set service firewall FW ruleset file 'running://test-performance.rules' set service firewall FW stream bypass mark 129834765 set service firewall FW stream bypass mask 129834765 set service firewall FW stream bypass set-connmark set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy POLICY rule 1 action enqueue FW_Q set traffic queue FW_Q elements 1
Step 5: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 6: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.930 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.930/0.930/0.930/0.000 ms
Step 7: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.363 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.363/0.363/0.363/0.000 ms
Step 8: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*Sc: not-bypassShow output
Mar 23 07:02:32.328094 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.9M, max 13.8M, 11.9M free. Mar 23 07:02:32.328778 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:32.328823 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:32.340934 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:32.578089 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:32.816925 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:32.903489 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 10.215.168.64/24'. Mar 23 07:02:32.973155 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:33.074269 osdx ubnt-cfgd[7949]: inactive Mar 23 07:02:33.093767 osdx INFO[7955]: FRR daemons did not change Mar 23 07:02:33.171640 osdx WARNING[8024]: No supported link modes on interface eth1 Mar 23 07:02:33.173096 osdx modulelauncher[8024]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on Mar 23 07:02:33.173110 osdx modulelauncher[8024]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. Mar 23 07:02:33.174391 osdx modulelauncher[8024]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:33.174406 osdx modulelauncher[8024]: Command '/sbin/ethtool -s eth1 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:33.186770 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:33.198839 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:33.220832 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:33.387452 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Mar 23 07:02:33.540098 osdx file_operation[8080]: using src url: http://10.215.168.1/~robot/test-performance.rules dst url: running:// Mar 23 07:02:33.567826 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'file copy http://10.215.168.1/~robot/test-performance.rules running:// force'. Mar 23 07:02:33.710440 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:33.771330 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 traffic policy in POLICY'. Mar 23 07:02:33.872594 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set service firewall FW mode inline queue FW_Q'. Mar 23 07:02:33.926366 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set service firewall FW ruleset file running://test-performance.rules'. Mar 23 07:02:34.023761 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass'. Mar 23 07:02:34.122623 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass mark 129834765'. Mar 23 07:02:34.216751 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass mask 129834765'. Mar 23 07:02:34.302656 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass set-connmark'. Mar 23 07:02:34.382735 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set traffic queue FW_Q elements 1'. Mar 23 07:02:34.538704 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set traffic policy POLICY rule 1 action enqueue FW_Q'. Mar 23 07:02:34.685547 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:34.736606 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:34.854175 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:34.930252 osdx ubnt-cfgd[8115]: inactive Mar 23 07:02:34.990766 osdx INFO[8132]: FRR daemons did not change Mar 23 07:02:35.070825 osdx WARNING[8204]: No supported link modes on interface eth0 Mar 23 07:02:35.072233 osdx modulelauncher[8204]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:35.072245 osdx modulelauncher[8204]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:35.073446 osdx modulelauncher[8204]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:35.073457 osdx modulelauncher[8204]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:35.120878 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:35.121522 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:35.121701 osdx ulogd[8229]: registering plugin `NFCT' Mar 23 07:02:35.121753 osdx ulogd[8229]: registering plugin `IP2STR' Mar 23 07:02:35.121795 osdx ulogd[8229]: registering plugin `PRINTFLOW' Mar 23 07:02:35.121852 osdx ulogd[8229]: registering plugin `SYSLOG' Mar 23 07:02:35.121857 osdx ulogd[8229]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:35.121904 osdx ulogd[8229]: NFCT plugin working in event mode Mar 23 07:02:35.121914 osdx ulogd[8229]: Changing UID / GID Mar 23 07:02:35.121997 osdx ulogd[8229]: initialization finished, entering main loop Mar 23 07:02:35.365622 osdx ulogd[8229]: Terminal signal received, exiting Mar 23 07:02:35.365715 osdx systemd[1]: Stopping ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:35.366000 osdx systemd[1]: ulogd2.service: Deactivated successfully. Mar 23 07:02:35.366100 osdx systemd[1]: Stopped ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:35.380825 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:35.381718 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:35.381772 osdx ulogd[8257]: registering plugin `NFCT' Mar 23 07:02:35.381807 osdx ulogd[8257]: registering plugin `IP2STR' Mar 23 07:02:35.381840 osdx ulogd[8257]: registering plugin `PRINTFLOW' Mar 23 07:02:35.381879 osdx ulogd[8257]: registering plugin `SYSLOG' Mar 23 07:02:35.381882 osdx ulogd[8257]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:35.381920 osdx ulogd[8257]: NFCT plugin working in event mode Mar 23 07:02:35.381927 osdx ulogd[8257]: Changing UID / GID Mar 23 07:02:35.381990 osdx ulogd[8257]: initialization finished, entering main loop Mar 23 07:02:35.429437 osdx systemd[1]: Reloading. Mar 23 07:02:35.464545 osdx systemd-sysv-generator[8277]: stat() failed on /etc/init.d/README, ignoring: No such file or directory Mar 23 07:02:35.588852 osdx systemd[1]: Starting logrotate.service - Rotate log files... Mar 23 07:02:35.592745 osdx systemd[1]: Created slice system-suricata.slice - Slice /system/suricata. Mar 23 07:02:35.593450 osdx systemd[1]: Starting suricata@FW.service - Suricata client "FW" service... Mar 23 07:02:35.618943 osdx systemd[1]: logrotate.service: Deactivated successfully. Mar 23 07:02:35.619108 osdx systemd[1]: Finished logrotate.service - Rotate log files. Mar 23 07:02:35.897773 osdx systemd[1]: Started suricata@FW.service - Suricata client "FW" service. Mar 23 07:02:36.383856 osdx INFO[8259]: Rules successfully loaded Mar 23 07:02:36.384590 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:36.399183 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:36.415015 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:37.286012 osdx ulogd[8257]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass) Mar 23 07:02:37.286035 osdx ulogd[8257]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass) Mar 23 07:02:37.364790 osdx ulogd[8257]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass) Mar 23 07:02:37.364812 osdx ulogd[8257]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass)
Offload flag
Description
Set a simple configuration with DUT0 as an intermediary between DUT1
and DUT2. Initiate a ssh connection from DUT1 to DUT2
and check that default and offload fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth1 address 192.168.200.1/24 set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Set the following configuration in DUT2 :
set interfaces ethernet eth0 address 192.168.200.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.200.1 set service ssh set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.904 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.904/0.904/0.904/0.000 ms
Step 5: Ping IP address 192.168.200.1 from DUT2:
admin@DUT2$ ping 192.168.200.1 count 1 size 56 timeout 1Show output
PING 192.168.200.1 (192.168.200.1) 56(84) bytes of data. 64 bytes from 192.168.200.1: icmp_seq=1 ttl=64 time=0.912 ms --- 192.168.200.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.912/0.912/0.912/0.000 ms
Step 6: Init an SSH connection from DUT1 to IP address 192.168.200.2 with the user admin:
admin@DUT1$ ssh admin@192.168.200.2 option StrictHostKeyChecking=no option UserKnownHostsFile=/dev/nullShow output
Warning: Permanently added '192.168.200.2' (ECDSA) to the list of known hosts. admin@192.168.200.2's password: Welcome to Teldat OSDx v4.2.9.1 This system includes free software. Contact Teldat for licenses information and source code. Last login: Mon Mar 23 06:55:28 2026 admin@osdx$
Step 7: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*\[OFFLOAD\]Show output
Mar 23 07:02:44.302202 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.9M, max 13.8M, 11.9M free. Mar 23 07:02:44.305296 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:44.305365 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:44.311869 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:44.558699 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:44.782121 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:44.876522 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 192.168.200.1/24'. Mar 23 07:02:44.959341 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:45.053971 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:45.145431 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:45.246863 osdx ubnt-cfgd[8601]: inactive Mar 23 07:02:45.267901 osdx INFO[8607]: FRR daemons did not change Mar 23 07:02:45.347893 osdx WARNING[8679]: No supported link modes on interface eth1 Mar 23 07:02:45.349331 osdx modulelauncher[8679]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on Mar 23 07:02:45.349343 osdx modulelauncher[8679]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. Mar 23 07:02:45.350424 osdx modulelauncher[8679]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:45.350433 osdx modulelauncher[8679]: Command '/sbin/ethtool -s eth1 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:45.433789 osdx WARNING[8759]: No supported link modes on interface eth0 Mar 23 07:02:45.435376 osdx modulelauncher[8759]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:45.435391 osdx modulelauncher[8759]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:45.436907 osdx modulelauncher[8759]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:45.436916 osdx modulelauncher[8759]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:45.485582 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:45.486265 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:45.486424 osdx ulogd[8785]: registering plugin `NFCT' Mar 23 07:02:45.486471 osdx ulogd[8785]: registering plugin `IP2STR' Mar 23 07:02:45.486512 osdx ulogd[8785]: registering plugin `PRINTFLOW' Mar 23 07:02:45.486560 osdx ulogd[8785]: registering plugin `SYSLOG' Mar 23 07:02:45.486565 osdx ulogd[8785]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:45.486614 osdx ulogd[8785]: NFCT plugin working in event mode Mar 23 07:02:45.486622 osdx ulogd[8785]: Changing UID / GID Mar 23 07:02:45.486697 osdx ulogd[8785]: initialization finished, entering main loop Mar 23 07:02:45.487529 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:45.501418 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:45.530395 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:47.370761 osdx ulogd[8785]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:47.370781 osdx ulogd[8785]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:47.480221 osdx ulogd[8785]: [NEW] ORIG: SRC=192.168.200.2 DST=192.168.200.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.1 DST=192.168.200.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:47.480243 osdx ulogd[8785]: [UPDATE] ORIG: SRC=192.168.200.2 DST=192.168.200.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.1 DST=192.168.200.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:02:47.581137 osdx ulogd[8785]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=39880 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=39880 PKTS=0 BYTES=0 Mar 23 07:02:47.583143 osdx ulogd[8785]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=39880 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=39880 PKTS=0 BYTES=0 Mar 23 07:02:47.585244 osdx ulogd[8785]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=39880 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=39880 PKTS=0 BYTES=0 [OFFLOAD] Mar 23 07:02:47.905956 osdx ulogd[8785]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=39880 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=39880 PKTS=0 BYTES=0 Mar 23 07:02:47.905978 osdx ulogd[8785]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=39880 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=39880 PKTS=0 BYTES=0 [OFFLOAD] Mar 23 07:02:47.907407 osdx ulogd[8785]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=39880 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=39880 PKTS=0 BYTES=0 Mar 23 07:02:47.907464 osdx ulogd[8785]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=39880 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=39880 PKTS=0 BYTES=0 [OFFLOAD]
App detect logging
Description
Set a simple configuration enabling app detection in system conntrack, send a ping command from DUT1
and check app detect field appears when running system journal show. After that, enabling app detection
in system conntrack for http host, try to copy index.html from a http server
and check that the app detect field appears and belongs to the http server when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack app-detect set system conntrack logging events all set system conntrack timeout icmp 1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.872 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.872/0.872/0.872/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 3 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.811 ms 64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.365 ms 64 bytes from 192.168.100.1: icmp_seq=3 ttl=64 time=0.344 ms --- 192.168.100.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2049ms rtt min/avg/max/mdev = 0.344/0.506/0.811/0.215 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[NEW\].*APPDETECT\[L3:1\]Show output
Mar 23 07:02:53.337123 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:02:53.339286 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:53.339347 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:53.348211 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:53.572765 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:53.868556 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:53.930134 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. Mar 23 07:02:54.030116 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Mar 23 07:02:54.156735 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:54.210238 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:54.349566 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:54.409146 osdx ubnt-cfgd[9020]: inactive Mar 23 07:02:54.433843 osdx INFO[9026]: FRR daemons did not change Mar 23 07:02:54.595338 osdx kernel: nfUDPlink: module init Mar 23 07:02:54.599283 osdx kernel: app-detect: module init Mar 23 07:02:54.599334 osdx kernel: app-detect: registered: sysctl net.appdetect Mar 23 07:02:54.599347 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 Mar 23 07:02:54.599358 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 Mar 23 07:02:54.599369 osdx kernel: app-detect: expression init Mar 23 07:02:54.599380 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Mar 23 07:02:54.599392 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) Mar 23 07:02:54.608502 osdx modulelauncher[9029]: AppDetect: no appdetect_chain refresh needed, nothing more to do Mar 23 07:02:54.611381 osdx INFO[9054]: Stopping Traffic Categorization (TCATD) service ... Mar 23 07:02:54.707467 osdx WARNING[9129]: No supported link modes on interface eth0 Mar 23 07:02:54.708924 osdx modulelauncher[9129]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:54.708939 osdx modulelauncher[9129]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:54.710115 osdx modulelauncher[9129]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:54.710127 osdx modulelauncher[9129]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:54.747827 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:54.748753 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:54.748783 osdx ulogd[9154]: registering plugin `NFCT' Mar 23 07:02:54.748816 osdx ulogd[9154]: registering plugin `IP2STR' Mar 23 07:02:54.748853 osdx ulogd[9154]: registering plugin `PRINTFLOW' Mar 23 07:02:54.748892 osdx ulogd[9154]: registering plugin `SYSLOG' Mar 23 07:02:54.748896 osdx ulogd[9154]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:54.748937 osdx ulogd[9154]: NFCT plugin working in event mode Mar 23 07:02:54.748949 osdx ulogd[9154]: Changing UID / GID Mar 23 07:02:54.749022 osdx ulogd[9154]: initialization finished, entering main loop Mar 23 07:02:54.750204 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:54.765010 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:54.786287 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:55.760654 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.760679 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.853516 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.853539 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:56.878030 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:56.878052 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:56.878062 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:57.901971 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:57.901999 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:57.902023 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1]
Step 6: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[UPDATE\].*APPDETECT\[L3:1\]Show output
Mar 23 07:02:53.337123 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:02:53.339286 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:53.339347 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:53.348211 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:53.572765 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:53.868556 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:53.930134 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. Mar 23 07:02:54.030116 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Mar 23 07:02:54.156735 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:54.210238 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:54.349566 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:54.409146 osdx ubnt-cfgd[9020]: inactive Mar 23 07:02:54.433843 osdx INFO[9026]: FRR daemons did not change Mar 23 07:02:54.595338 osdx kernel: nfUDPlink: module init Mar 23 07:02:54.599283 osdx kernel: app-detect: module init Mar 23 07:02:54.599334 osdx kernel: app-detect: registered: sysctl net.appdetect Mar 23 07:02:54.599347 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 Mar 23 07:02:54.599358 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 Mar 23 07:02:54.599369 osdx kernel: app-detect: expression init Mar 23 07:02:54.599380 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Mar 23 07:02:54.599392 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) Mar 23 07:02:54.608502 osdx modulelauncher[9029]: AppDetect: no appdetect_chain refresh needed, nothing more to do Mar 23 07:02:54.611381 osdx INFO[9054]: Stopping Traffic Categorization (TCATD) service ... Mar 23 07:02:54.707467 osdx WARNING[9129]: No supported link modes on interface eth0 Mar 23 07:02:54.708924 osdx modulelauncher[9129]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:54.708939 osdx modulelauncher[9129]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:54.710115 osdx modulelauncher[9129]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:54.710127 osdx modulelauncher[9129]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:54.747827 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:54.748753 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:54.748783 osdx ulogd[9154]: registering plugin `NFCT' Mar 23 07:02:54.748816 osdx ulogd[9154]: registering plugin `IP2STR' Mar 23 07:02:54.748853 osdx ulogd[9154]: registering plugin `PRINTFLOW' Mar 23 07:02:54.748892 osdx ulogd[9154]: registering plugin `SYSLOG' Mar 23 07:02:54.748896 osdx ulogd[9154]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:54.748937 osdx ulogd[9154]: NFCT plugin working in event mode Mar 23 07:02:54.748949 osdx ulogd[9154]: Changing UID / GID Mar 23 07:02:54.749022 osdx ulogd[9154]: initialization finished, entering main loop Mar 23 07:02:54.750204 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:54.765010 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:54.786287 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:55.760654 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.760679 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.853516 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.853539 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:56.878030 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:56.878052 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:56.878062 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:57.901971 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:57.901999 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:57.902023 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:58.027953 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal show | cat'.
Step 7: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[DESTROY\].*APPDETECT\[L3:1\]Show output
Mar 23 07:02:53.337123 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:02:53.339286 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:53.339347 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:53.348211 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:53.572765 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:53.868556 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:53.930134 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. Mar 23 07:02:54.030116 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Mar 23 07:02:54.156735 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:54.210238 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:54.349566 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:54.409146 osdx ubnt-cfgd[9020]: inactive Mar 23 07:02:54.433843 osdx INFO[9026]: FRR daemons did not change Mar 23 07:02:54.595338 osdx kernel: nfUDPlink: module init Mar 23 07:02:54.599283 osdx kernel: app-detect: module init Mar 23 07:02:54.599334 osdx kernel: app-detect: registered: sysctl net.appdetect Mar 23 07:02:54.599347 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 Mar 23 07:02:54.599358 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 Mar 23 07:02:54.599369 osdx kernel: app-detect: expression init Mar 23 07:02:54.599380 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Mar 23 07:02:54.599392 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) Mar 23 07:02:54.608502 osdx modulelauncher[9029]: AppDetect: no appdetect_chain refresh needed, nothing more to do Mar 23 07:02:54.611381 osdx INFO[9054]: Stopping Traffic Categorization (TCATD) service ... Mar 23 07:02:54.707467 osdx WARNING[9129]: No supported link modes on interface eth0 Mar 23 07:02:54.708924 osdx modulelauncher[9129]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:54.708939 osdx modulelauncher[9129]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:54.710115 osdx modulelauncher[9129]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:54.710127 osdx modulelauncher[9129]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:54.747827 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:54.748753 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:54.748783 osdx ulogd[9154]: registering plugin `NFCT' Mar 23 07:02:54.748816 osdx ulogd[9154]: registering plugin `IP2STR' Mar 23 07:02:54.748853 osdx ulogd[9154]: registering plugin `PRINTFLOW' Mar 23 07:02:54.748892 osdx ulogd[9154]: registering plugin `SYSLOG' Mar 23 07:02:54.748896 osdx ulogd[9154]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:54.748937 osdx ulogd[9154]: NFCT plugin working in event mode Mar 23 07:02:54.748949 osdx ulogd[9154]: Changing UID / GID Mar 23 07:02:54.749022 osdx ulogd[9154]: initialization finished, entering main loop Mar 23 07:02:54.750204 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:54.765010 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:54.786287 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:55.760654 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.760679 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.853516 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.853539 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:56.878030 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:56.878052 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:56.878062 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:57.901971 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:57.901999 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:57.902023 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:58.027953 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal show | cat'. Mar 23 07:02:58.199748 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal show | cat'.
Step 8: Modify the following configuration lines in DUT0 :
set interfaces ethernet eth1 address 10.215.168.64/24 set system conntrack app-detect http-host
Step 9: Ping IP address 10.215.168.1 from DUT0:
admin@DUT0$ ping 10.215.168.1 count 1 size 56 timeout 1Show output
PING 10.215.168.1 (10.215.168.1) 56(84) bytes of data. 64 bytes from 10.215.168.1: icmp_seq=1 ttl=64 time=0.550 ms --- 10.215.168.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.550/0.550/0.550/0.000 ms
Step 10: Run command file copy http://10.215.168.1/~robot/ running://index.html force at DUT0 and expect this output:
Show output
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 972 0 972 0 0 78539 0 --:--:-- --:--:-- --:--:-- 81000
Step 11: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*APPDETECT\[L4:80 http-host:10.215.168.1\]Show output
Mar 23 07:02:53.337123 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:02:53.339286 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:02:53.339347 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:02:53.348211 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:02:53.572765 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:02:53.868556 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:53.930134 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. Mar 23 07:02:54.030116 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. Mar 23 07:02:54.156735 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:02:54.210238 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:02:54.349566 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:02:54.409146 osdx ubnt-cfgd[9020]: inactive Mar 23 07:02:54.433843 osdx INFO[9026]: FRR daemons did not change Mar 23 07:02:54.595338 osdx kernel: nfUDPlink: module init Mar 23 07:02:54.599283 osdx kernel: app-detect: module init Mar 23 07:02:54.599334 osdx kernel: app-detect: registered: sysctl net.appdetect Mar 23 07:02:54.599347 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 Mar 23 07:02:54.599358 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 Mar 23 07:02:54.599369 osdx kernel: app-detect: expression init Mar 23 07:02:54.599380 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Mar 23 07:02:54.599392 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) Mar 23 07:02:54.608502 osdx modulelauncher[9029]: AppDetect: no appdetect_chain refresh needed, nothing more to do Mar 23 07:02:54.611381 osdx INFO[9054]: Stopping Traffic Categorization (TCATD) service ... Mar 23 07:02:54.707467 osdx WARNING[9129]: No supported link modes on interface eth0 Mar 23 07:02:54.708924 osdx modulelauncher[9129]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:02:54.708939 osdx modulelauncher[9129]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:02:54.710115 osdx modulelauncher[9129]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:54.710127 osdx modulelauncher[9129]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:54.747827 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:02:54.748753 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:02:54.748783 osdx ulogd[9154]: registering plugin `NFCT' Mar 23 07:02:54.748816 osdx ulogd[9154]: registering plugin `IP2STR' Mar 23 07:02:54.748853 osdx ulogd[9154]: registering plugin `PRINTFLOW' Mar 23 07:02:54.748892 osdx ulogd[9154]: registering plugin `SYSLOG' Mar 23 07:02:54.748896 osdx ulogd[9154]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:02:54.748937 osdx ulogd[9154]: NFCT plugin working in event mode Mar 23 07:02:54.748949 osdx ulogd[9154]: Changing UID / GID Mar 23 07:02:54.749022 osdx ulogd[9154]: initialization finished, entering main loop Mar 23 07:02:54.750204 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:54.765010 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:54.786287 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:55.760654 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.760679 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.853516 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:55.853539 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:56.878030 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:56.878052 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:56.878062 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:57.901971 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:57.901999 osdx ulogd[9154]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:57.902023 osdx ulogd[9154]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:58.027953 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal show | cat'. Mar 23 07:02:58.199748 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal show | cat'. Mar 23 07:02:58.377663 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal show | cat'. Mar 23 07:02:58.584051 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:02:58.686373 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 10.215.168.64/24'. Mar 23 07:02:58.792710 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack app-detect http-host'. Mar 23 07:02:58.859158 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show changes'. Mar 23 07:02:58.966875 osdx ubnt-cfgd[9206]: inactive Mar 23 07:02:58.986842 osdx INFO[9212]: FRR daemons did not change Mar 23 07:02:59.027289 osdx kernel: app-detect: expression destroy Mar 23 07:02:59.039295 osdx kernel: app-detect: expression init Mar 23 07:02:59.039345 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Mar 23 07:02:59.039359 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) Mar 23 07:02:59.045751 osdx modulelauncher[9215]: AppDetect: no appdetect_chain refresh needed, nothing more to do Mar 23 07:02:59.048360 osdx INFO[9231]: Stopping Traffic Categorization (TCATD) service ... Mar 23 07:02:59.136426 osdx WARNING[9301]: No supported link modes on interface eth1 Mar 23 07:02:59.138265 osdx modulelauncher[9301]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on Mar 23 07:02:59.138280 osdx modulelauncher[9301]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. Mar 23 07:02:59.139823 osdx modulelauncher[9301]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:02:59.139834 osdx modulelauncher[9301]: Command '/sbin/ethtool -s eth1 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:02:59.153043 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:02:59.164551 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:59.164568 osdx ulogd[9154]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] Mar 23 07:02:59.165233 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:02:59.180989 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:02:59.343189 osdx ulogd[9154]: [NEW] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:59.343413 osdx ulogd[9154]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] Mar 23 07:02:59.345491 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Mar 23 07:02:59.516191 osdx file_operation[9357]: using src url: http://10.215.168.1/~robot/ dst url: running://index.html Mar 23 07:02:59.528606 osdx ulogd[9154]: [NEW] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=52328 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=52328 PKTS=0 BYTES=0 APPDETECT[L4:80] Mar 23 07:02:59.528777 osdx ulogd[9154]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=52328 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=52328 PKTS=0 BYTES=0 APPDETECT[L4:80] Mar 23 07:02:59.528968 osdx ulogd[9154]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=52328 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=52328 PKTS=0 BYTES=0 APPDETECT[L4:80] Mar 23 07:02:59.532848 osdx ulogd[9154]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=52328 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=52328 PKTS=0 BYTES=0 APPDETECT[L4:80 http-host:10.215.168.1] Mar 23 07:02:59.532889 osdx ulogd[9154]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=52328 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=52328 PKTS=0 BYTES=0 APPDETECT[L4:80 http-host:10.215.168.1] Mar 23 07:02:59.532924 osdx ulogd[9154]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=52328 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=52328 PKTS=0 BYTES=0 APPDETECT[L4:80 http-host:10.215.168.1] Mar 23 07:02:59.555416 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'file copy http://10.215.168.1/~robot/ running://index.html force'.
App Detect Drop Packet
Description
Set a traffic policy with action drop for all the packets matching an appid specified by a traffic selector.
Enable http-host and http-url option in system conntrack appdetect path in order to see relevant information about http packets.
Finnally, log that packets with app-id option and check that appdetect field appear in journal when
running system journal show
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth1 address 10.215.168.64/24 set interfaces ethernet eth1 traffic policy out DROP set system conntrack app-detect dictionary 130 custom app-id 155 fqdn 10.215.168.1 set system conntrack app-detect enable_dict_match_priv_ip set system conntrack app-detect http-host set system conntrack app-detect http-url set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy DROP rule 1 action drop set traffic policy DROP rule 1 log app-id set traffic policy DROP rule 1 selector APPID set traffic selector APPID rule 1 app-detect app-id custom 155
Step 2: Ping IP address 10.215.168.1 from DUT0:
admin@DUT0$ ping 10.215.168.1 count 1 size 56 timeout 1Show output
PING 10.215.168.1 (10.215.168.1) 56(84) bytes of data. 64 bytes from 10.215.168.1: icmp_seq=1 ttl=64 time=0.584 ms --- 10.215.168.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.584/0.584/0.584/0.000 ms
Step 3: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
osdx kernel:.*APPDETECT\[U6:155 http-url:/~robot/ http-host:10.215.168.1\]Show output
Mar 23 07:03:04.321340 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:03:04.321811 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:03:04.321845 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:03:04.332935 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:03:04.535347 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:03:04.780906 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:03:04.845890 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack app-detect dictionary 130 custom app-id 155 fqdn 10.215.168.1'. Mar 23 07:03:04.937788 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack app-detect enable_dict_match_priv_ip'. Mar 23 07:03:05.048206 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack app-detect http-url'. Mar 23 07:03:05.136296 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set traffic selector APPID rule 1 app-detect app-id custom 155'. Mar 23 07:03:05.232058 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set traffic policy DROP rule 1 selector APPID'. Mar 23 07:03:05.291160 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set traffic policy DROP rule 1 action drop'. Mar 23 07:03:05.376795 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set traffic policy DROP rule 1 log app-id'. Mar 23 07:03:05.465021 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 traffic policy out DROP'. Mar 23 07:03:05.540543 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 10.215.168.64/24'. Mar 23 07:03:05.634779 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack app-detect http-host'. Mar 23 07:03:05.701558 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:03:05.805929 osdx ubnt-cfgd[9604]: inactive Mar 23 07:03:05.848021 osdx INFO[9628]: FRR daemons did not change Mar 23 07:03:06.001828 osdx kernel: nfUDPlink: module init Mar 23 07:03:06.001883 osdx kernel: app-detect: module init Mar 23 07:03:06.001892 osdx kernel: app-detect: registered: sysctl net.appdetect Mar 23 07:03:06.001900 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 Mar 23 07:03:06.001907 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 Mar 23 07:03:06.001915 osdx kernel: app-detect: expression init Mar 23 07:03:06.001922 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) Mar 23 07:03:06.001934 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) Mar 23 07:03:06.023289 osdx INFO[9663]: Updated /etc/default/osdx_tcatd.conf Mar 23 07:03:06.023336 osdx INFO[9663]: Restarting Traffic Categorization (TCATD) service ... Mar 23 07:03:06.054080 osdx systemd[1]: Starting osdx-tcatd.service - App-Detect Traffic Categorization daemon... Mar 23 07:03:06.069005 osdx systemd[1]: Started osdx-tcatd.service - App-Detect Traffic Categorization daemon. Mar 23 07:03:06.158404 osdx WARNING[9737]: No supported link modes on interface eth1 Mar 23 07:03:06.160233 osdx modulelauncher[9737]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on Mar 23 07:03:06.160245 osdx modulelauncher[9737]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. Mar 23 07:03:06.161698 osdx modulelauncher[9737]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:03:06.161706 osdx modulelauncher[9737]: Command '/sbin/ethtool -s eth1 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:03:06.621104 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:03:06.635780 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:03:06.673075 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:03:06.825318 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Mar 23 07:03:06.948856 osdx file_operation[9822]: using src url: http://10.215.168.1/~robot/ dst url: running://index.html Mar 23 07:03:06.957832 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13284 DF PROTO=TCP SPT=53576 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Mar 23 07:03:07.161835 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13285 DF PROTO=TCP SPT=53576 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Mar 23 07:03:07.573866 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13286 DF PROTO=TCP SPT=53576 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Mar 23 07:03:08.405865 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13287 DF PROTO=TCP SPT=53576 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Mar 23 07:03:09.931961 osdx file_operation.py[9822]: Operation aborted by user. Mar 23 07:03:09.945826 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=13288 DF PROTO=TCP SPT=53576 DPT=80 WINDOW=502 RES=0x00 ACK PSH FIN URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] Mar 23 07:03:09.949273 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'file copy http://10.215.168.1/~robot/ running://index.html force'.
Identity Values
Description
Conntrack identity is able to contain any printed character (max 92 characters) but not spaces
Scenario
Step 1: Run command configure at DUT0 and expect this output:
Show output
admin@osdx#
Step 2: Run command set system conntrack logging identity "he||o w@rld!" at DUT0 and check if output contains the following tokens:
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character classShow output
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed CLI Error: Command error
Step 3: Run command set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-amet-vita at DUT0 and check if output contains the following tokens:
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character classShow output
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed CLI Error: Command error
Step 4: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events all set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 5: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 6: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.698 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.698/0.698/0.698/0.000 ms
Step 7: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.452 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.452/0.452/0.452/0.000 ms
Step 8: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
Mar 23 07:03:14.326941 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 1.8M, max 13.8M, 11.9M free. Mar 23 07:03:14.330683 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:03:14.330765 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:03:14.337166 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:03:14.660571 osdx OSDxCLI[2568]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:03:15.021538 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:03:15.132063 osdx cfgd[1860]: [2568]Command output: Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed Mar 23 07:03:15.132894 osdx OSDxCLI[2568]: User 'admin' entered an invalid command: 'set system conntrack logging identity "he||o w@rld!"'. Mar 23 07:03:15.206567 osdx cfgd[1860]: [2568]Command output: Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed Mar 23 07:03:15.207264 osdx OSDxCLI[2568]: User 'admin' entered an invalid command: 'set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-amet-vita'. Mar 23 07:03:15.300051 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:03:15.486941 osdx OSDxCLI[2568]: User 'admin' entered the configuration menu. Mar 23 07:03:15.582434 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. Mar 23 07:03:15.695911 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. Mar 23 07:03:15.815121 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit'. Mar 23 07:03:15.912549 osdx OSDxCLI[2568]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:03:15.972940 osdx ubnt-cfgd[10037]: inactive Mar 23 07:03:15.990899 osdx INFO[10043]: FRR daemons did not change Mar 23 07:03:16.072771 osdx WARNING[10115]: No supported link modes on interface eth0 Mar 23 07:03:16.074523 osdx modulelauncher[10115]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on Mar 23 07:03:16.074536 osdx modulelauncher[10115]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. Mar 23 07:03:16.075674 osdx modulelauncher[10115]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off -- Mar 23 07:03:16.075683 osdx modulelauncher[10115]: Command '/sbin/ethtool -s eth0 autoneg on advertise Asym_Pause off Pause off --' returned non-zero exit status 75. Mar 23 07:03:16.114961 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... Mar 23 07:03:16.115874 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. Mar 23 07:03:16.116002 osdx ulogd[10140]: registering plugin `NFCT' Mar 23 07:03:16.116043 osdx ulogd[10140]: registering plugin `IP2STR' Mar 23 07:03:16.116086 osdx ulogd[10140]: registering plugin `PRINTFLOW' Mar 23 07:03:16.116126 osdx ulogd[10140]: registering plugin `SYSLOG' Mar 23 07:03:16.116129 osdx ulogd[10140]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' Mar 23 07:03:16.116172 osdx ulogd[10140]: NFCT plugin working in event mode Mar 23 07:03:16.116181 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10140]: Changing UID / GID Mar 23 07:03:16.116249 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10140]: initialization finished, entering main loop Mar 23 07:03:16.117423 osdx cfgd[1860]: [2568]Completed change to active configuration Mar 23 07:03:16.128675 osdx OSDxCLI[2568]: User 'admin' committed the configuration. Mar 23 07:03:16.144282 osdx OSDxCLI[2568]: User 'admin' left the configuration menu. Mar 23 07:03:17.111334 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10140]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:03:17.111359 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10140]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:03:17.198421 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10140]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 Mar 23 07:03:17.198443 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[10140]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0