Logging
The following scenarios show how to configure the conntrack logging option with different traffic policies and services enabled, in order to check that all fields are displayed correctly and all events are captured.
New events
Description
Check NEW sessions events are captured
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events new set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.600 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.600/0.600/0.600/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.362 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.362/0.362/0.362/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[NEW\].*SRC=192.168.100.2Show output
May 05 02:47:10.276326 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.8M, max 13.8M, 11.9M free. May 05 02:47:10.279347 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:47:10.279392 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:47:10.285030 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:47:10.480541 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:47:10.675341 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:10.754800 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:47:10.821323 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events new'. May 05 02:47:10.925546 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:10.979875 osdx ubnt-cfgd[687856]: inactive May 05 02:47:10.996939 osdx INFO[687862]: FRR daemons did not change May 05 02:47:11.027353 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:11.068640 osdx WARNING[687934]: No supported link modes on interface eth0 May 05 02:47:11.069990 osdx modulelauncher[687934]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:47:11.070002 osdx modulelauncher[687934]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:47:11.071108 osdx modulelauncher[687934]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:11.071115 osdx modulelauncher[687934]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:11.107572 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:11.108320 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:11.108428 osdx ulogd[687959]: registering plugin `NFCT' May 05 02:47:11.108475 osdx ulogd[687959]: registering plugin `IP2STR' May 05 02:47:11.108520 osdx ulogd[687959]: registering plugin `PRINTFLOW' May 05 02:47:11.108569 osdx ulogd[687959]: registering plugin `SYSLOG' May 05 02:47:11.108573 osdx ulogd[687959]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:11.108623 osdx ulogd[687959]: NFCT plugin working in event mode May 05 02:47:11.108633 osdx ulogd[687959]: Changing UID / GID May 05 02:47:11.108715 osdx ulogd[687959]: initialization finished, entering main loop May 05 02:47:11.109334 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:11.120433 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:11.136779 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:11.887885 osdx ulogd[687959]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:11.964059 osdx ulogd[687959]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Update events
Description
Check UPDATE sessions events are captured
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events update set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.616 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.616/0.616/0.616/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.507 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.507/0.507/0.507/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[UPDATE\].*SRC=192.168.100.2Show output
May 05 02:47:16.272661 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.8M, max 13.8M, 11.9M free. May 05 02:47:16.274836 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:47:16.274878 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:47:16.281675 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:47:16.473805 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:47:16.671112 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:16.749432 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:47:16.816906 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events update'. May 05 02:47:16.876378 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:16.966870 osdx ubnt-cfgd[688160]: inactive May 05 02:47:16.983036 osdx INFO[688166]: FRR daemons did not change May 05 02:47:17.010859 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:17.056349 osdx WARNING[688238]: No supported link modes on interface eth0 May 05 02:47:17.057689 osdx modulelauncher[688238]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:47:17.057700 osdx modulelauncher[688238]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:47:17.058852 osdx modulelauncher[688238]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:17.058859 osdx modulelauncher[688238]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:17.103867 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:17.105650 osdx ulogd[688263]: registering plugin `NFCT' May 05 02:47:17.105426 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:17.105745 osdx ulogd[688263]: registering plugin `IP2STR' May 05 02:47:17.105833 osdx ulogd[688263]: registering plugin `PRINTFLOW' May 05 02:47:17.105931 osdx ulogd[688263]: registering plugin `SYSLOG' May 05 02:47:17.105940 osdx ulogd[688263]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:17.106053 osdx ulogd[688263]: NFCT plugin working in event mode May 05 02:47:17.106074 osdx ulogd[688263]: Changing UID / GID May 05 02:47:17.106256 osdx ulogd[688263]: initialization finished, entering main loop May 05 02:47:17.108369 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:17.123268 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:17.147304 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:17.898542 osdx ulogd[688263]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:17.977536 osdx ulogd[688263]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Destroy events
Description
Check DESTROY sessions events are captured
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set service ssh set system conntrack logging events destroy set system conntrack timeout icmp 1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.546 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.546/0.546/0.546/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 3 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.366 ms 64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.402 ms 64 bytes from 192.168.100.1: icmp_seq=3 ttl=64 time=0.263 ms --- 192.168.100.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2038ms rtt min/avg/max/mdev = 0.263/0.343/0.402/0.058 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[DESTROY\].*SRC=192.168.100.2Show output
May 05 02:47:21.000185 osdx systemd-timedated[685192]: Changed local time to Tue 2026-05-05 02:47:21 UTC May 05 02:47:21.001317 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'set date 2026-05-05 02:47:21'. May 05 02:47:21.004166 osdx systemd-journald[1908]: Time jumped backwards, rotating. May 05 02:47:21.283851 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.8M, max 13.8M, 11.9M free. May 05 02:47:21.284270 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:47:21.284304 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:47:21.293070 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:47:21.497661 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:47:21.737465 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:21.816747 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:47:21.883308 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events destroy'. May 05 02:47:21.980094 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. May 05 02:47:22.028526 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set service ssh'. May 05 02:47:22.132028 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:22.185879 osdx ubnt-cfgd[688467]: inactive May 05 02:47:22.249310 osdx INFO[688488]: FRR daemons did not change May 05 02:47:22.280170 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:22.326235 osdx WARNING[688562]: No supported link modes on interface eth0 May 05 02:47:22.327688 osdx modulelauncher[688562]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:47:22.327701 osdx modulelauncher[688562]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:47:22.328905 osdx modulelauncher[688562]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:22.328917 osdx modulelauncher[688562]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:22.396437 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:22.397111 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:22.397267 osdx ulogd[688587]: registering plugin `NFCT' May 05 02:47:22.397312 osdx ulogd[688587]: registering plugin `IP2STR' May 05 02:47:22.397348 osdx ulogd[688587]: registering plugin `PRINTFLOW' May 05 02:47:22.397389 osdx ulogd[688587]: registering plugin `SYSLOG' May 05 02:47:22.397393 osdx ulogd[688587]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:22.397432 osdx ulogd[688587]: NFCT plugin working in event mode May 05 02:47:22.397444 osdx ulogd[688587]: Changing UID / GID May 05 02:47:22.397518 osdx ulogd[688587]: initialization finished, entering main loop May 05 02:47:22.433643 osdx systemd[1]: Starting ssh.service - OpenBSD Secure Shell server... May 05 02:47:22.446144 osdx sshd[688608]: Server listening on 0.0.0.0 port 22. May 05 02:47:22.446166 osdx sshd[688608]: Server listening on :: port 22. May 05 02:47:22.446237 osdx systemd[1]: Started ssh.service - OpenBSD Secure Shell server. May 05 02:47:22.447000 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:22.458078 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:22.477884 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:24.326944 osdx ulogd[688587]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 May 05 02:47:25.350723 osdx ulogd[688587]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84
Default logging
Description
Set a simple configuration, send a ping command from one device to other
and check that default fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.562 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.562/0.562/0.562/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.380 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.380/0.380/0.380/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
May 05 02:47:32.280150 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.9M, max 13.8M, 11.9M free. May 05 02:47:32.281229 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:47:32.281275 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:47:32.290683 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:47:32.483897 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:47:32.684085 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:32.769479 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:47:32.839867 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:47:32.900160 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:32.983502 osdx ubnt-cfgd[688832]: inactive May 05 02:47:33.000227 osdx INFO[688838]: FRR daemons did not change May 05 02:47:33.029253 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:33.073966 osdx WARNING[688910]: No supported link modes on interface eth0 May 05 02:47:33.075225 osdx modulelauncher[688910]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:47:33.075236 osdx modulelauncher[688910]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:47:33.076360 osdx modulelauncher[688910]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:33.076367 osdx modulelauncher[688910]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:33.121485 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:33.122175 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:33.122300 osdx ulogd[688935]: registering plugin `NFCT' May 05 02:47:33.122335 osdx ulogd[688935]: registering plugin `IP2STR' May 05 02:47:33.122369 osdx ulogd[688935]: registering plugin `PRINTFLOW' May 05 02:47:33.122406 osdx ulogd[688935]: registering plugin `SYSLOG' May 05 02:47:33.122410 osdx ulogd[688935]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:33.122449 osdx ulogd[688935]: NFCT plugin working in event mode May 05 02:47:33.122457 osdx ulogd[688935]: Changing UID / GID May 05 02:47:33.122526 osdx ulogd[688935]: initialization finished, entering main loop May 05 02:47:33.123580 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:33.137562 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:33.151541 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:33.919922 osdx ulogd[688935]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:33.919944 osdx ulogd[688935]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:33.990554 osdx ulogd[688935]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:33.990575 osdx ulogd[688935]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Identity logging
Description
Set a simple configuration with identity OSDx_DUT0 for logs entries, send a ping command from one device to other
and check that the identity has changed when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events all set system conntrack logging identity OSDx_DUT0 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.584 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.584/0.584/0.584/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.566 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.566/0.566/0.566/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
OSDx_DUT0\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
May 05 02:47:38.277773 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.9M, max 13.8M, 11.9M free. May 05 02:47:38.278905 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:47:38.278946 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:47:38.287372 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:47:38.473568 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:47:38.670367 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:38.790255 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:47:38.838572 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:47:38.933544 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging identity OSDx_DUT0'. May 05 02:47:38.995137 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:39.082489 osdx ubnt-cfgd[689137]: inactive May 05 02:47:39.098909 osdx INFO[689143]: FRR daemons did not change May 05 02:47:39.126904 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:39.174479 osdx WARNING[689215]: No supported link modes on interface eth0 May 05 02:47:39.175843 osdx modulelauncher[689215]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:47:39.175854 osdx modulelauncher[689215]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:47:39.176918 osdx modulelauncher[689215]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:39.176924 osdx modulelauncher[689215]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:39.223595 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:39.225162 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:39.225749 osdx ulogd[689240]: registering plugin `NFCT' May 05 02:47:39.225876 osdx ulogd[689240]: registering plugin `IP2STR' May 05 02:47:39.226005 osdx ulogd[689240]: registering plugin `PRINTFLOW' May 05 02:47:39.226140 osdx ulogd[689240]: registering plugin `SYSLOG' May 05 02:47:39.226151 osdx ulogd[689240]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:39.226299 osdx ulogd[689240]: NFCT plugin working in event mode May 05 02:47:39.226327 osdx OSDx_DUT0[689240]: Changing UID / GID May 05 02:47:39.226569 osdx OSDx_DUT0[689240]: initialization finished, entering main loop May 05 02:47:39.228185 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:39.244855 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:39.259573 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:39.997715 osdx OSDx_DUT0[689240]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:39.997736 osdx OSDx_DUT0[689240]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:40.069619 osdx OSDx_DUT0[689240]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:40.069637 osdx OSDx_DUT0[689240]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Note
If the identity is not provided, “ulogd” will be used by default.
Step 6: Modify the following configuration lines in DUT0 :
delete system conntrack logging identity
Step 7: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.223 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.223/0.223/0.223/0.000 ms
Step 8: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
May 05 02:47:38.277773 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.9M, max 13.8M, 11.9M free. May 05 02:47:38.278905 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:47:38.278946 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:47:38.287372 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:47:38.473568 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:47:38.670367 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:38.790255 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:47:38.838572 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:47:38.933544 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging identity OSDx_DUT0'. May 05 02:47:38.995137 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:39.082489 osdx ubnt-cfgd[689137]: inactive May 05 02:47:39.098909 osdx INFO[689143]: FRR daemons did not change May 05 02:47:39.126904 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:39.174479 osdx WARNING[689215]: No supported link modes on interface eth0 May 05 02:47:39.175843 osdx modulelauncher[689215]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:47:39.175854 osdx modulelauncher[689215]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:47:39.176918 osdx modulelauncher[689215]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:39.176924 osdx modulelauncher[689215]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:39.223595 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:39.225162 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:39.225749 osdx ulogd[689240]: registering plugin `NFCT' May 05 02:47:39.225876 osdx ulogd[689240]: registering plugin `IP2STR' May 05 02:47:39.226005 osdx ulogd[689240]: registering plugin `PRINTFLOW' May 05 02:47:39.226140 osdx ulogd[689240]: registering plugin `SYSLOG' May 05 02:47:39.226151 osdx ulogd[689240]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:39.226299 osdx ulogd[689240]: NFCT plugin working in event mode May 05 02:47:39.226327 osdx OSDx_DUT0[689240]: Changing UID / GID May 05 02:47:39.226569 osdx OSDx_DUT0[689240]: initialization finished, entering main loop May 05 02:47:39.228185 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:39.244855 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:39.259573 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:39.997715 osdx OSDx_DUT0[689240]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:39.997736 osdx OSDx_DUT0[689240]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:40.069619 osdx OSDx_DUT0[689240]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:40.069637 osdx OSDx_DUT0[689240]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:40.182877 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal show | cat'. May 05 02:47:40.322081 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:40.374600 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'delete system conntrack logging identity'. May 05 02:47:40.472475 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show changes'. May 05 02:47:40.526530 osdx ubnt-cfgd[689277]: inactive May 05 02:47:40.545339 osdx INFO[689283]: FRR daemons did not change May 05 02:47:40.554398 osdx OSDx_DUT0[689240]: Terminal signal received, exiting May 05 02:47:40.554503 osdx systemd[1]: Stopping ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:40.554941 osdx systemd[1]: ulogd2.service: Deactivated successfully. May 05 02:47:40.555052 osdx systemd[1]: Stopped ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:40.571224 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:40.571776 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:40.571910 osdx ulogd[689291]: registering plugin `NFCT' May 05 02:47:40.571945 osdx ulogd[689291]: registering plugin `IP2STR' May 05 02:47:40.571978 osdx ulogd[689291]: registering plugin `PRINTFLOW' May 05 02:47:40.572016 osdx ulogd[689291]: registering plugin `SYSLOG' May 05 02:47:40.572020 osdx ulogd[689291]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:40.572058 osdx ulogd[689291]: NFCT plugin working in event mode May 05 02:47:40.572065 osdx ulogd[689291]: Changing UID / GID May 05 02:47:40.572127 osdx ulogd[689291]: initialization finished, entering main loop May 05 02:47:40.572869 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:40.574176 osdx ulogd[689291]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 May 05 02:47:40.574191 osdx ulogd[689291]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 May 05 02:47:40.574713 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:40.590320 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:40.736658 osdx ulogd[689291]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:40.736676 osdx ulogd[689291]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Policies logging
Description
Set a simple configuration with mark and label traffic policies,
send a ping command from one device to other
and check that default, mark and label fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth0 traffic policy in POLICY set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic label TEST set traffic policy POLICY rule 1 set connmark 33 set traffic policy POLICY rule 1 set label TEST
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.553 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.553/0.553/0.553/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 2 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.482 ms 64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.209 ms --- 192.168.100.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1022ms rtt min/avg/max/mdev = 0.209/0.345/0.482/0.136 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*MARK=33.*LABELS=TESTShow output
May 05 02:47:44.285138 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.8M, max 13.8M, 11.9M free. May 05 02:47:44.288466 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:47:44.288514 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:47:44.294467 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:47:44.489309 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:47:44.690072 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:44.771372 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 traffic policy in POLICY'. May 05 02:47:44.826281 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set traffic label TEST'. May 05 02:47:44.923884 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set traffic policy POLICY rule 1 set connmark 33'. May 05 02:47:44.975180 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set traffic policy POLICY rule 1 set label TEST'. May 05 02:47:45.066215 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:47:45.120068 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:47:45.225248 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:45.282937 osdx ubnt-cfgd[689471]: inactive May 05 02:47:45.307624 osdx INFO[689485]: FRR daemons did not change May 05 02:47:45.336469 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:45.384288 osdx WARNING[689557]: No supported link modes on interface eth0 May 05 02:47:45.385750 osdx modulelauncher[689557]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:47:45.385763 osdx modulelauncher[689557]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:47:45.386823 osdx modulelauncher[689557]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:45.386831 osdx modulelauncher[689557]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:45.420707 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:45.421589 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:45.421647 osdx ulogd[689582]: registering plugin `NFCT' May 05 02:47:45.421684 osdx ulogd[689582]: registering plugin `IP2STR' May 05 02:47:45.421715 osdx ulogd[689582]: registering plugin `PRINTFLOW' May 05 02:47:45.421751 osdx ulogd[689582]: registering plugin `SYSLOG' May 05 02:47:45.421754 osdx ulogd[689582]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:45.421790 osdx ulogd[689582]: NFCT plugin working in event mode May 05 02:47:45.421797 osdx ulogd[689582]: Changing UID / GID May 05 02:47:45.421860 osdx ulogd[689582]: initialization finished, entering main loop May 05 02:47:45.430691 osdx ulogd[689582]: Terminal signal received, exiting May 05 02:47:45.430779 osdx systemd[1]: Stopping ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:45.431060 osdx systemd[1]: ulogd2.service: Deactivated successfully. May 05 02:47:45.431150 osdx systemd[1]: Stopped ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:45.431942 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:45.432661 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:45.432770 osdx ulogd[689588]: registering plugin `NFCT' May 05 02:47:45.432805 osdx ulogd[689588]: registering plugin `IP2STR' May 05 02:47:45.432836 osdx ulogd[689588]: registering plugin `PRINTFLOW' May 05 02:47:45.432882 osdx ulogd[689588]: registering plugin `SYSLOG' May 05 02:47:45.432886 osdx ulogd[689588]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:45.432921 osdx ulogd[689588]: NFCT plugin working in event mode May 05 02:47:45.432927 osdx ulogd[689588]: Changing UID / GID May 05 02:47:45.432987 osdx ulogd[689588]: initialization finished, entering main loop May 05 02:47:45.647468 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:45.661202 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:45.676493 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:46.409920 osdx ulogd[689588]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33 LABELS=TEST May 05 02:47:46.409939 osdx ulogd[689588]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33 May 05 02:47:46.481696 osdx ulogd[689588]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33 LABELS=TEST May 05 02:47:46.481715 osdx ulogd[689588]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 MARK=33
VRF logging
Description
Set a simple configuration with a vrf,
send a ping command from one device to other
and check that default and vrf fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth0 vrf RED set protocols vrf RED static route 0.0.0.0/0 next-hop 192.168.100.2 set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set system vrf RED
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.466 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.466/0.466/0.466/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.486 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.486/0.486/0.486/0.000 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*VRF=REDShow output
May 05 02:47:52.282167 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.8M, max 13.8M, 11.9M free. May 05 02:47:52.283009 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:47:52.283049 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:47:52.291309 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:47:52.480035 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:47:52.674190 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:52.751057 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 vrf RED'. May 05 02:47:52.822035 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set protocols vrf RED static route 0.0.0.0/0 next-hop 192.168.100.2'. May 05 02:47:52.867794 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system vrf RED'. May 05 02:47:52.962040 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:47:53.011293 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:47:53.118842 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:53.173587 osdx ubnt-cfgd[689838]: inactive May 05 02:47:53.193042 osdx INFO[689844]: FRR daemons did not change May 05 02:47:53.201795 osdx (udev-worker)[689854]: RED: Could not disable auto negotiation, ignoring: Operation not supported May 05 02:47:53.201817 osdx (udev-worker)[689854]: Network interface NamePolicy= disabled on kernel command line. May 05 02:47:53.238918 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:53.279051 osdx WARNING[689937]: No supported link modes on interface eth0 May 05 02:47:53.280450 osdx modulelauncher[689937]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:47:53.280462 osdx modulelauncher[689937]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:47:53.281902 osdx modulelauncher[689937]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:53.281910 osdx modulelauncher[689937]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:53.294943 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:53.379259 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:53.379968 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:53.380107 osdx ulogd[690023]: registering plugin `NFCT' May 05 02:47:53.380152 osdx ulogd[690023]: registering plugin `IP2STR' May 05 02:47:53.380194 osdx ulogd[690023]: registering plugin `PRINTFLOW' May 05 02:47:53.380242 osdx ulogd[690023]: registering plugin `SYSLOG' May 05 02:47:53.380246 osdx ulogd[690023]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:53.380298 osdx ulogd[690023]: NFCT plugin working in event mode May 05 02:47:53.380308 osdx ulogd[690023]: Changing UID / GID May 05 02:47:53.380387 osdx ulogd[690023]: initialization finished, entering main loop May 05 02:47:53.381053 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:53.391914 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:53.406224 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:54.155674 osdx ulogd[690023]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:54.155698 osdx ulogd[690023]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:54.228045 osdx ulogd[690023]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:47:54.228068 osdx ulogd[690023]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 VRF=RED PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0
Not-Bypass logging
Description
Set a simple configuration with a firewall service,
send a ping command from one device to other
and check that default and bypass fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth1 address 10.215.168.64/24 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Ping IP address 10.215.168.1 from DUT0:
admin@DUT0$ ping 10.215.168.1 count 1 size 56 timeout 1Show output
PING 10.215.168.1 (10.215.168.1) 56(84) bytes of data. 64 bytes from 10.215.168.1: icmp_seq=1 ttl=64 time=0.208 ms --- 10.215.168.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.208/0.208/0.208/0.000 ms
Step 3: Run command file copy http://10.215.168.1/~robot/test-performance.rules running:// force at DUT0 and expect this output:
Show output
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 129 100 129 0 0 23849 0 --:--:-- --:--:-- --:--:-- 25800
Step 4: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth0 traffic policy in POLICY set interfaces ethernet eth1 address 10.215.168.64/24 set service firewall FW mode inline queue FW_Q set service firewall FW ruleset file 'running://test-performance.rules' set service firewall FW stream bypass mark 129834765 set service firewall FW stream bypass mask 129834765 set service firewall FW stream bypass set-connmark set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy POLICY rule 1 action enqueue FW_Q set traffic queue FW_Q elements 1
Step 5: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 6: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.659 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.659/0.659/0.659/0.000 ms
Step 7: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.362 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.362/0.362/0.362/0.000 ms
Step 8: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*Sc: not-bypassShow output
May 05 02:47:57.000248 osdx systemd-timedated[685192]: Changed local time to Tue 2026-05-05 02:47:57 UTC May 05 02:47:57.001483 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'set date 2026-05-05 02:47:57'. May 05 02:47:57.002217 osdx systemd-journald[1908]: Time jumped backwards, rotating. May 05 02:47:57.282162 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.8M, max 13.8M, 11.9M free. May 05 02:47:57.282569 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:47:57.282603 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:47:57.291351 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:47:57.482511 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:47:57.685317 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:57.770735 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 10.215.168.64/24'. May 05 02:47:57.849578 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:57.902874 osdx ubnt-cfgd[690310]: inactive May 05 02:47:57.919405 osdx INFO[690316]: FRR daemons did not change May 05 02:47:57.946256 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth1 May 05 02:47:57.994616 osdx WARNING[690385]: No supported link modes on interface eth1 May 05 02:47:57.995962 osdx modulelauncher[690385]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on May 05 02:47:57.995976 osdx modulelauncher[690385]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. May 05 02:47:57.997110 osdx modulelauncher[690385]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:57.997121 osdx modulelauncher[690385]: Command '/sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:58.007069 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:47:58.017788 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:47:58.033166 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:47:58.184684 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. May 05 02:47:58.303520 osdx file_operation[690442]: using src url: http://10.215.168.1/~robot/test-performance.rules dst url: running:// May 05 02:47:58.327198 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'file copy http://10.215.168.1/~robot/test-performance.rules running:// force'. May 05 02:47:58.461821 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:47:58.530273 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 traffic policy in POLICY'. May 05 02:47:58.621492 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set service firewall FW mode inline queue FW_Q'. May 05 02:47:58.677613 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set service firewall FW ruleset file running://test-performance.rules'. May 05 02:47:58.772254 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass'. May 05 02:47:58.831389 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass mark 129834765'. May 05 02:47:58.927082 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass mask 129834765'. May 05 02:47:58.985541 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set service firewall FW stream bypass set-connmark'. May 05 02:47:59.068926 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set traffic queue FW_Q elements 1'. May 05 02:47:59.130530 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set traffic policy POLICY rule 1 action enqueue FW_Q'. May 05 02:47:59.244397 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:47:59.292491 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:47:59.395271 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:47:59.455899 osdx ubnt-cfgd[690477]: inactive May 05 02:47:59.493951 osdx INFO[690494]: FRR daemons did not change May 05 02:47:59.522245 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:47:59.566885 osdx WARNING[690566]: No supported link modes on interface eth0 May 05 02:47:59.568238 osdx modulelauncher[690566]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:47:59.568248 osdx modulelauncher[690566]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:47:59.569325 osdx modulelauncher[690566]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:47:59.569332 osdx modulelauncher[690566]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:47:59.618942 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:59.620591 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:59.621089 osdx ulogd[690591]: registering plugin `NFCT' May 05 02:47:59.621220 osdx ulogd[690591]: registering plugin `IP2STR' May 05 02:47:59.621337 osdx ulogd[690591]: registering plugin `PRINTFLOW' May 05 02:47:59.621468 osdx ulogd[690591]: registering plugin `SYSLOG' May 05 02:47:59.621480 osdx ulogd[690591]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:59.621631 osdx ulogd[690591]: NFCT plugin working in event mode May 05 02:47:59.621663 osdx ulogd[690591]: Changing UID / GID May 05 02:47:59.621879 osdx ulogd[690591]: initialization finished, entering main loop May 05 02:47:59.776678 osdx ulogd[690591]: Terminal signal received, exiting May 05 02:47:59.776890 osdx systemd[1]: Stopping ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:59.777353 osdx systemd[1]: ulogd2.service: Deactivated successfully. May 05 02:47:59.777509 osdx systemd[1]: Stopped ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:59.799000 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:47:59.800704 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:47:59.800989 osdx ulogd[690615]: registering plugin `NFCT' May 05 02:47:59.801103 osdx ulogd[690615]: registering plugin `IP2STR' May 05 02:47:59.801193 osdx ulogd[690615]: registering plugin `PRINTFLOW' May 05 02:47:59.801298 osdx ulogd[690615]: registering plugin `SYSLOG' May 05 02:47:59.801307 osdx ulogd[690615]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:47:59.801411 osdx ulogd[690615]: NFCT plugin working in event mode May 05 02:47:59.801435 osdx ulogd[690615]: Changing UID / GID May 05 02:47:59.801618 osdx ulogd[690615]: initialization finished, entering main loop May 05 02:47:59.848042 osdx systemd[1]: Reloading. May 05 02:47:59.886220 osdx systemd-sysv-generator[690636]: stat() failed on /etc/init.d/README, ignoring: No such file or directory May 05 02:48:00.006909 osdx systemd[1]: Starting logrotate.service - Rotate log files... May 05 02:48:00.014052 osdx systemd[1]: Starting suricata@FW.service - Suricata client "FW" service... May 05 02:48:00.035891 osdx systemd[1]: Started suricata@FW.service - Suricata client "FW" service. May 05 02:48:00.044352 osdx systemd[1]: logrotate.service: Deactivated successfully. May 05 02:48:00.046935 osdx systemd[1]: Finished logrotate.service - Rotate log files. May 05 02:48:00.057842 osdx INFO[690617]: Rules successfully loaded May 05 02:48:00.058393 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:48:00.069409 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:48:00.127697 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:00.866427 osdx ulogd[690615]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass) May 05 02:48:00.866452 osdx ulogd[690615]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass) May 05 02:48:00.942674 osdx ulogd[690615]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass) May 05 02:48:00.942694 osdx ulogd[690615]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 (Sc: not-bypass)
Offload flag
Description
Set a simple configuration with DUT0 as an intermediary between DUT1
and DUT2. Initiate a ssh connection from DUT1 to DUT2
and check that default and offload fields appear when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth1 address 192.168.200.1/24 set system conntrack logging events all set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Set the following configuration in DUT2 :
set interfaces ethernet eth0 address 192.168.200.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.200.1 set service ssh set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.492 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.492/0.492/0.492/0.000 ms
Step 5: Ping IP address 192.168.200.1 from DUT2:
admin@DUT2$ ping 192.168.200.1 count 1 size 56 timeout 1Show output
PING 192.168.200.1 (192.168.200.1) 56(84) bytes of data. 64 bytes from 192.168.200.1: icmp_seq=1 ttl=64 time=0.545 ms --- 192.168.200.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.545/0.545/0.545/0.000 ms
Step 6: Init an SSH connection from DUT1 to IP address 192.168.200.2 with the user admin:
admin@DUT1$ ssh admin@192.168.200.2 option StrictHostKeyChecking=no option UserKnownHostsFile=/dev/nullShow output
Warning: Permanently added '192.168.200.2' (ECDSA) to the list of known hosts. admin@192.168.200.2's password: Welcome to Teldat OSDx v4.2.9.3 This system includes free software. Contact Teldat for licenses information and source code. Last login: Tue May 5 02:42:09 2026 from 10.215.168.64 admin@osdx$
Step 7: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*\[OFFLOAD\]Show output
May 05 02:48:08.273207 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.9M, max 13.8M, 11.9M free. May 05 02:48:08.277197 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:48:08.277242 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:48:08.282911 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:48:08.475230 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:48:08.669782 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:48:08.751461 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 192.168.200.1/24'. May 05 02:48:08.826589 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:48:08.877258 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:48:08.982340 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:48:09.038277 osdx ubnt-cfgd[690964]: inactive May 05 02:48:09.061334 osdx INFO[690970]: FRR daemons did not change May 05 02:48:09.097250 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth1 May 05 02:48:09.139927 osdx WARNING[691042]: No supported link modes on interface eth1 May 05 02:48:09.141249 osdx modulelauncher[691042]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on May 05 02:48:09.141259 osdx modulelauncher[691042]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. May 05 02:48:09.142376 osdx modulelauncher[691042]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off -- May 05 02:48:09.142382 osdx modulelauncher[691042]: Command '/sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:48:09.173216 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:48:09.221213 osdx WARNING[691122]: No supported link modes on interface eth0 May 05 02:48:09.222634 osdx modulelauncher[691122]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:48:09.222647 osdx modulelauncher[691122]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:48:09.223738 osdx modulelauncher[691122]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:48:09.223747 osdx modulelauncher[691122]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:48:09.269433 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:48:09.270145 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:48:09.270311 osdx ulogd[691148]: registering plugin `NFCT' May 05 02:48:09.270358 osdx ulogd[691148]: registering plugin `IP2STR' May 05 02:48:09.270395 osdx ulogd[691148]: registering plugin `PRINTFLOW' May 05 02:48:09.270438 osdx ulogd[691148]: registering plugin `SYSLOG' May 05 02:48:09.270442 osdx ulogd[691148]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:48:09.270489 osdx ulogd[691148]: NFCT plugin working in event mode May 05 02:48:09.270498 osdx ulogd[691148]: Changing UID / GID May 05 02:48:09.270576 osdx ulogd[691148]: initialization finished, entering main loop May 05 02:48:09.271298 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:48:09.282620 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:48:09.297623 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:10.856272 osdx ulogd[691148]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:48:10.856292 osdx ulogd[691148]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:48:10.931952 osdx ulogd[691148]: [NEW] ORIG: SRC=192.168.200.2 DST=192.168.200.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.1 DST=192.168.200.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:48:10.931969 osdx ulogd[691148]: [UPDATE] ORIG: SRC=192.168.200.2 DST=192.168.200.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.1 DST=192.168.200.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:48:11.019601 osdx ulogd[691148]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=49276 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=49276 PKTS=0 BYTES=0 May 05 02:48:11.019733 osdx ulogd[691148]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=49276 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=49276 PKTS=0 BYTES=0 May 05 02:48:11.019834 osdx ulogd[691148]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=49276 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=49276 PKTS=0 BYTES=0 [OFFLOAD] May 05 02:48:11.260116 osdx ulogd[691148]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=49276 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=49276 PKTS=0 BYTES=0 May 05 02:48:11.260140 osdx ulogd[691148]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=49276 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=49276 PKTS=0 BYTES=0 [OFFLOAD] May 05 02:48:11.261107 osdx ulogd[691148]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=49276 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=49276 PKTS=0 BYTES=0 May 05 02:48:11.261174 osdx ulogd[691148]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.200.2 PROTO=TCP SPT=49276 DPT=22 PKTS=0 BYTES=0 , REPLY: SRC=192.168.200.2 DST=192.168.100.2 PROTO=TCP SPT=22 DPT=49276 PKTS=0 BYTES=0 [OFFLOAD]
App detect logging
Description
Set a simple configuration enabling app detection in system conntrack, send a ping command from DUT1
and check app detect field appears when running system journal show. After that, enabling app detection
in system conntrack for http host, try to copy index.html from a http server
and check that the app detect field appears and belongs to the http server when running system journal show.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack app-detect set system conntrack logging events all set system conntrack timeout icmp 1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.615 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.615/0.615/0.615/0.000 ms
Step 4: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 3 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.206 ms 64 bytes from 192.168.100.1: icmp_seq=2 ttl=64 time=0.233 ms 64 bytes from 192.168.100.1: icmp_seq=3 ttl=64 time=0.426 ms --- 192.168.100.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2040ms rtt min/avg/max/mdev = 0.206/0.288/0.426/0.097 ms
Step 5: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[NEW\].*APPDETECT\[L3:1\]Show output
May 05 02:48:15.281794 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.9M, max 13.8M, 11.8M free. May 05 02:48:15.284303 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:48:15.284369 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:48:15.305928 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:48:15.543976 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:48:15.780711 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:48:15.834502 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. May 05 02:48:15.925978 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. May 05 02:48:16.002456 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:48:16.070232 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:48:16.132652 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:48:16.223003 osdx ubnt-cfgd[691384]: inactive May 05 02:48:16.250150 osdx INFO[691390]: FRR daemons did not change May 05 02:48:16.419983 osdx kernel: nfUDPlink: module init May 05 02:48:16.420032 osdx kernel: app-detect: module init May 05 02:48:16.420044 osdx kernel: app-detect: registered: sysctl net.appdetect May 05 02:48:16.420052 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 May 05 02:48:16.420060 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 May 05 02:48:16.420067 osdx kernel: app-detect: expression init May 05 02:48:16.420075 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) May 05 02:48:16.420082 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) May 05 02:48:16.425054 osdx modulelauncher[691393]: AppDetect: no appdetect_chain refresh needed, nothing more to do May 05 02:48:16.427415 osdx INFO[691418]: Stopping Traffic Categorization (TCATD) service ... May 05 02:48:16.467999 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:48:16.511634 osdx WARNING[691493]: No supported link modes on interface eth0 May 05 02:48:16.513010 osdx modulelauncher[691493]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:48:16.513021 osdx modulelauncher[691493]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:48:16.514079 osdx modulelauncher[691493]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:48:16.514087 osdx modulelauncher[691493]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:48:16.548295 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:48:16.548878 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:48:16.548956 osdx ulogd[691518]: registering plugin `NFCT' May 05 02:48:16.548992 osdx ulogd[691518]: registering plugin `IP2STR' May 05 02:48:16.549023 osdx ulogd[691518]: registering plugin `PRINTFLOW' May 05 02:48:16.549066 osdx ulogd[691518]: registering plugin `SYSLOG' May 05 02:48:16.549069 osdx ulogd[691518]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:48:16.549110 osdx ulogd[691518]: NFCT plugin working in event mode May 05 02:48:16.549118 osdx ulogd[691518]: Changing UID / GID May 05 02:48:16.549180 osdx ulogd[691518]: initialization finished, entering main loop May 05 02:48:16.550014 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:48:16.561011 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:48:16.575080 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:17.359653 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.359672 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.430677 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.430701 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:18.446528 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:18.446551 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:18.446565 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.470670 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:19.470709 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.470736 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1]
Step 6: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[UPDATE\].*APPDETECT\[L3:1\]Show output
May 05 02:48:15.281794 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.9M, max 13.8M, 11.8M free. May 05 02:48:15.284303 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:48:15.284369 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:48:15.305928 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:48:15.543976 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:48:15.780711 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:48:15.834502 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. May 05 02:48:15.925978 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. May 05 02:48:16.002456 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:48:16.070232 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:48:16.132652 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:48:16.223003 osdx ubnt-cfgd[691384]: inactive May 05 02:48:16.250150 osdx INFO[691390]: FRR daemons did not change May 05 02:48:16.419983 osdx kernel: nfUDPlink: module init May 05 02:48:16.420032 osdx kernel: app-detect: module init May 05 02:48:16.420044 osdx kernel: app-detect: registered: sysctl net.appdetect May 05 02:48:16.420052 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 May 05 02:48:16.420060 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 May 05 02:48:16.420067 osdx kernel: app-detect: expression init May 05 02:48:16.420075 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) May 05 02:48:16.420082 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) May 05 02:48:16.425054 osdx modulelauncher[691393]: AppDetect: no appdetect_chain refresh needed, nothing more to do May 05 02:48:16.427415 osdx INFO[691418]: Stopping Traffic Categorization (TCATD) service ... May 05 02:48:16.467999 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:48:16.511634 osdx WARNING[691493]: No supported link modes on interface eth0 May 05 02:48:16.513010 osdx modulelauncher[691493]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:48:16.513021 osdx modulelauncher[691493]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:48:16.514079 osdx modulelauncher[691493]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:48:16.514087 osdx modulelauncher[691493]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:48:16.548295 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:48:16.548878 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:48:16.548956 osdx ulogd[691518]: registering plugin `NFCT' May 05 02:48:16.548992 osdx ulogd[691518]: registering plugin `IP2STR' May 05 02:48:16.549023 osdx ulogd[691518]: registering plugin `PRINTFLOW' May 05 02:48:16.549066 osdx ulogd[691518]: registering plugin `SYSLOG' May 05 02:48:16.549069 osdx ulogd[691518]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:48:16.549110 osdx ulogd[691518]: NFCT plugin working in event mode May 05 02:48:16.549118 osdx ulogd[691518]: Changing UID / GID May 05 02:48:16.549180 osdx ulogd[691518]: initialization finished, entering main loop May 05 02:48:16.550014 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:48:16.561011 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:48:16.575080 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:17.359653 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.359672 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.430677 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.430701 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:18.446528 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:18.446551 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:18.446565 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.470670 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:19.470709 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.470736 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.564130 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal show | cat'.
Step 7: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[DESTROY\].*APPDETECT\[L3:1\]Show output
May 05 02:48:15.281794 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.9M, max 13.8M, 11.8M free. May 05 02:48:15.284303 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:48:15.284369 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:48:15.305928 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:48:15.543976 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:48:15.780711 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:48:15.834502 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. May 05 02:48:15.925978 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. May 05 02:48:16.002456 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:48:16.070232 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:48:16.132652 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:48:16.223003 osdx ubnt-cfgd[691384]: inactive May 05 02:48:16.250150 osdx INFO[691390]: FRR daemons did not change May 05 02:48:16.419983 osdx kernel: nfUDPlink: module init May 05 02:48:16.420032 osdx kernel: app-detect: module init May 05 02:48:16.420044 osdx kernel: app-detect: registered: sysctl net.appdetect May 05 02:48:16.420052 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 May 05 02:48:16.420060 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 May 05 02:48:16.420067 osdx kernel: app-detect: expression init May 05 02:48:16.420075 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) May 05 02:48:16.420082 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) May 05 02:48:16.425054 osdx modulelauncher[691393]: AppDetect: no appdetect_chain refresh needed, nothing more to do May 05 02:48:16.427415 osdx INFO[691418]: Stopping Traffic Categorization (TCATD) service ... May 05 02:48:16.467999 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:48:16.511634 osdx WARNING[691493]: No supported link modes on interface eth0 May 05 02:48:16.513010 osdx modulelauncher[691493]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:48:16.513021 osdx modulelauncher[691493]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:48:16.514079 osdx modulelauncher[691493]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:48:16.514087 osdx modulelauncher[691493]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:48:16.548295 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:48:16.548878 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:48:16.548956 osdx ulogd[691518]: registering plugin `NFCT' May 05 02:48:16.548992 osdx ulogd[691518]: registering plugin `IP2STR' May 05 02:48:16.549023 osdx ulogd[691518]: registering plugin `PRINTFLOW' May 05 02:48:16.549066 osdx ulogd[691518]: registering plugin `SYSLOG' May 05 02:48:16.549069 osdx ulogd[691518]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:48:16.549110 osdx ulogd[691518]: NFCT plugin working in event mode May 05 02:48:16.549118 osdx ulogd[691518]: Changing UID / GID May 05 02:48:16.549180 osdx ulogd[691518]: initialization finished, entering main loop May 05 02:48:16.550014 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:48:16.561011 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:48:16.575080 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:17.359653 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.359672 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.430677 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.430701 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:18.446528 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:18.446551 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:18.446565 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.470670 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:19.470709 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.470736 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.564130 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal show | cat'. May 05 02:48:19.667093 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal show | cat'.
Step 8: Modify the following configuration lines in DUT0 :
set interfaces ethernet eth1 address 10.215.168.64/24 set system conntrack app-detect http-host
Step 9: Ping IP address 10.215.168.1 from DUT0:
admin@DUT0$ ping 10.215.168.1 count 1 size 56 timeout 1Show output
PING 10.215.168.1 (10.215.168.1) 56(84) bytes of data. 64 bytes from 10.215.168.1: icmp_seq=1 ttl=64 time=0.306 ms --- 10.215.168.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.306/0.306/0.306/0.000 ms
Step 10: Run command file copy http://10.215.168.1/~robot/ running://index.html force at DUT0 and expect this output:
Show output
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 4818 0 4818 0 0 893k 0 --:--:-- --:--:-- --:--:-- 941k
Step 11: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
ulogd\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*APPDETECT\[L4:80 http-host:10.215.168.1\]Show output
May 05 02:48:15.281794 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.9M, max 13.8M, 11.8M free. May 05 02:48:15.284303 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:48:15.284369 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:48:15.305928 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:48:15.543976 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:48:15.780711 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:48:15.834502 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack app-detect'. May 05 02:48:15.925978 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack timeout icmp 1'. May 05 02:48:16.002456 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:48:16.070232 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:48:16.132652 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:48:16.223003 osdx ubnt-cfgd[691384]: inactive May 05 02:48:16.250150 osdx INFO[691390]: FRR daemons did not change May 05 02:48:16.419983 osdx kernel: nfUDPlink: module init May 05 02:48:16.420032 osdx kernel: app-detect: module init May 05 02:48:16.420044 osdx kernel: app-detect: registered: sysctl net.appdetect May 05 02:48:16.420052 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 May 05 02:48:16.420060 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 May 05 02:48:16.420067 osdx kernel: app-detect: expression init May 05 02:48:16.420075 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) May 05 02:48:16.420082 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) May 05 02:48:16.425054 osdx modulelauncher[691393]: AppDetect: no appdetect_chain refresh needed, nothing more to do May 05 02:48:16.427415 osdx INFO[691418]: Stopping Traffic Categorization (TCATD) service ... May 05 02:48:16.467999 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:48:16.511634 osdx WARNING[691493]: No supported link modes on interface eth0 May 05 02:48:16.513010 osdx modulelauncher[691493]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:48:16.513021 osdx modulelauncher[691493]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:48:16.514079 osdx modulelauncher[691493]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:48:16.514087 osdx modulelauncher[691493]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:48:16.548295 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:48:16.548878 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:48:16.548956 osdx ulogd[691518]: registering plugin `NFCT' May 05 02:48:16.548992 osdx ulogd[691518]: registering plugin `IP2STR' May 05 02:48:16.549023 osdx ulogd[691518]: registering plugin `PRINTFLOW' May 05 02:48:16.549066 osdx ulogd[691518]: registering plugin `SYSLOG' May 05 02:48:16.549069 osdx ulogd[691518]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:48:16.549110 osdx ulogd[691518]: NFCT plugin working in event mode May 05 02:48:16.549118 osdx ulogd[691518]: Changing UID / GID May 05 02:48:16.549180 osdx ulogd[691518]: initialization finished, entering main loop May 05 02:48:16.550014 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:48:16.561011 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:48:16.575080 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:17.359653 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.359672 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.430677 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:17.430701 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:18.446528 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:18.446551 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:18.446565 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.470670 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:19.470709 osdx ulogd[691518]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.470736 osdx ulogd[691518]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:19.564130 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal show | cat'. May 05 02:48:19.667093 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal show | cat'. May 05 02:48:19.774262 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal show | cat'. May 05 02:48:19.946451 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:48:20.025364 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 10.215.168.64/24'. May 05 02:48:20.092390 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack app-detect http-host'. May 05 02:48:20.188832 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show changes'. May 05 02:48:20.242960 osdx ubnt-cfgd[691571]: inactive May 05 02:48:20.263858 osdx INFO[691577]: FRR daemons did not change May 05 02:48:20.303981 osdx kernel: app-detect: expression destroy May 05 02:48:20.315993 osdx kernel: app-detect: expression init May 05 02:48:20.316047 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) May 05 02:48:20.316061 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) May 05 02:48:20.322489 osdx modulelauncher[691580]: AppDetect: no appdetect_chain refresh needed, nothing more to do May 05 02:48:20.325210 osdx INFO[691596]: Stopping Traffic Categorization (TCATD) service ... May 05 02:48:20.360059 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth1 May 05 02:48:20.405760 osdx WARNING[691666]: No supported link modes on interface eth1 May 05 02:48:20.407090 osdx modulelauncher[691666]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on May 05 02:48:20.407102 osdx modulelauncher[691666]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. May 05 02:48:20.408243 osdx modulelauncher[691666]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off -- May 05 02:48:20.408251 osdx modulelauncher[691666]: Command '/sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:48:20.419225 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:48:20.429990 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:20.430009 osdx ulogd[691518]: [DESTROY] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=1 BYTES=84 APPDETECT[L3:1] May 05 02:48:20.430580 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:48:20.444580 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:20.588743 osdx ulogd[691518]: [NEW] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:20.588982 osdx ulogd[691518]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 APPDETECT[L3:1] May 05 02:48:20.591403 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. May 05 02:48:20.711352 osdx file_operation[691723]: using src url: http://10.215.168.1/~robot/ dst url: running://index.html May 05 02:48:20.716465 osdx ulogd[691518]: [NEW] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=39536 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=39536 PKTS=0 BYTES=0 APPDETECT[L4:80] May 05 02:48:20.716577 osdx ulogd[691518]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=39536 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=39536 PKTS=0 BYTES=0 APPDETECT[L4:80] May 05 02:48:20.716600 osdx ulogd[691518]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=39536 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=39536 PKTS=0 BYTES=0 APPDETECT[L4:80] May 05 02:48:20.718421 osdx ulogd[691518]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=39536 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=39536 PKTS=0 BYTES=0 APPDETECT[L4:80 http-host:10.215.168.1] May 05 02:48:20.718482 osdx ulogd[691518]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=39536 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=39536 PKTS=0 BYTES=0 APPDETECT[L4:80 http-host:10.215.168.1] May 05 02:48:20.718495 osdx ulogd[691518]: [UPDATE] ORIG: SRC=10.215.168.64 DST=10.215.168.1 PROTO=TCP SPT=39536 DPT=80 PKTS=0 BYTES=0 , REPLY: SRC=10.215.168.1 DST=10.215.168.64 PROTO=TCP SPT=80 DPT=39536 PKTS=0 BYTES=0 APPDETECT[L4:80 http-host:10.215.168.1] May 05 02:48:20.734570 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'file copy http://10.215.168.1/~robot/ running://index.html force'.
App Detect Drop Packet
Description
Set a traffic policy with action drop for all the packets matching an appid specified by a traffic selector.
Enable http-host and http-url option in system conntrack appdetect path in order to see relevant information about http packets.
Finnally, log that packets with app-id option and check that appdetect field appear in journal when
running system journal show
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth1 address 10.215.168.64/24 set interfaces ethernet eth1 traffic policy out DROP set system conntrack app-detect dictionary 130 custom app-id 155 fqdn 10.215.168.1 set system conntrack app-detect enable_dict_match_priv_ip set system conntrack app-detect http-host set system conntrack app-detect http-url set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy DROP rule 1 action drop set traffic policy DROP rule 1 log app-id set traffic policy DROP rule 1 selector APPID set traffic selector APPID rule 1 app-detect app-id custom 155
Step 2: Ping IP address 10.215.168.1 from DUT0:
admin@DUT0$ ping 10.215.168.1 count 1 size 56 timeout 1Show output
PING 10.215.168.1 (10.215.168.1) 56(84) bytes of data. 64 bytes from 10.215.168.1: icmp_seq=1 ttl=64 time=0.241 ms --- 10.215.168.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.241/0.241/0.241/0.000 ms
Step 3: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
osdx kernel:.*APPDETECT\[U6:155 http-url:/~robot/ http-host:10.215.168.1\]Show output
May 05 02:48:25.282723 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.8M, max 13.8M, 11.9M free. May 05 02:48:25.285483 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:48:25.285530 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:48:25.291598 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:48:25.485987 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:48:25.682575 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:48:25.740188 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack app-detect dictionary 130 custom app-id 155 fqdn 10.215.168.1'. May 05 02:48:25.825874 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack app-detect enable_dict_match_priv_ip'. May 05 02:48:25.876092 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack app-detect http-url'. May 05 02:48:25.975094 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set traffic selector APPID rule 1 app-detect app-id custom 155'. May 05 02:48:26.023976 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set traffic policy DROP rule 1 selector APPID'. May 05 02:48:26.112885 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set traffic policy DROP rule 1 action drop'. May 05 02:48:26.162848 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set traffic policy DROP rule 1 log app-id'. May 05 02:48:26.284822 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 traffic policy out DROP'. May 05 02:48:26.332305 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth1 address 10.215.168.64/24'. May 05 02:48:26.422348 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack app-detect http-host'. May 05 02:48:26.486667 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:48:26.578056 osdx ubnt-cfgd[691969]: inactive May 05 02:48:26.619252 osdx INFO[691993]: FRR daemons did not change May 05 02:48:26.781486 osdx kernel: nfUDPlink: module init May 05 02:48:26.781531 osdx kernel: app-detect: module init May 05 02:48:26.781541 osdx kernel: app-detect: registered: sysctl net.appdetect May 05 02:48:26.781552 osdx kernel: nfUDPlink: connected 127.0.0.1:49000 May 05 02:48:26.781560 osdx kernel: nfUDPlink: added destination 127.0.0.1:49000 May 05 02:48:26.781568 osdx kernel: app-detect: expression init May 05 02:48:26.781576 osdx kernel: app-detect: appid cache initialized (override=yes, chained=yes) May 05 02:48:26.781588 osdx kernel: app-detect: cache changes counter set appid_changes_count found (klen=4, dlen=4) May 05 02:48:26.804076 osdx INFO[692028]: Updated /etc/default/osdx_tcatd.conf May 05 02:48:26.804111 osdx INFO[692028]: Restarting Traffic Categorization (TCATD) service ... May 05 02:48:26.830154 osdx systemd[1]: Starting osdx-tcatd.service - App-Detect Traffic Categorization daemon... May 05 02:48:26.843729 osdx systemd[1]: Started osdx-tcatd.service - App-Detect Traffic Categorization daemon. May 05 02:48:26.881500 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth1 May 05 02:48:26.930965 osdx WARNING[692102]: No supported link modes on interface eth1 May 05 02:48:26.932252 osdx modulelauncher[692102]: osdx.utils.xos cmd error: /sbin/ethtool -A eth1 autoneg on May 05 02:48:26.932263 osdx modulelauncher[692102]: Command '/sbin/ethtool -A eth1 autoneg on' returned non-zero exit status 76. May 05 02:48:26.933753 osdx modulelauncher[692102]: osdx.utils.xos cmd error: /sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off -- May 05 02:48:26.933760 osdx modulelauncher[692102]: Command '/sbin/ethtool -s eth1 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:48:27.165072 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:48:27.180578 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:48:27.195797 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:27.340480 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. May 05 02:48:27.457535 osdx file_operation[692182]: using src url: http://10.215.168.1/~robot/ dst url: running://index.html May 05 02:48:27.465478 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=40613 DF PROTO=TCP SPT=35664 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] May 05 02:48:27.669519 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=40614 DF PROTO=TCP SPT=35664 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] May 05 02:48:28.077597 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=40615 DF PROTO=TCP SPT=35664 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] May 05 02:48:28.909584 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=40616 DF PROTO=TCP SPT=35664 DPT=80 WINDOW=502 RES=0x00 ACK PSH URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] May 05 02:48:30.475333 osdx file_operation.py[692182]: Operation aborted by user. May 05 02:48:30.485487 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=40617 DF PROTO=TCP SPT=35664 DPT=80 WINDOW=502 RES=0x00 ACK PSH FIN URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1] May 05 02:48:30.489549 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'file copy http://10.215.168.1/~robot/ running://index.html force'. May 05 02:48:30.549487 osdx kernel: [DROP-1] DROP IN= OUT=eth1 SRC=10.215.168.64 DST=10.215.168.1 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=40618 DF PROTO=TCP SPT=35664 DPT=80 WINDOW=502 RES=0x00 ACK PSH FIN URGP=0 APPDETECT[U6:155 http-url:/~robot/ http-host:10.215.168.1]
Identity Values
Description
Conntrack identity is able to contain any printed character (max 92 characters) but not spaces
Scenario
Step 1: Run command configure at DUT0 and expect this output:
Show output
admin@osdx#
Step 2: Run command set system conntrack logging identity "he||o w@rld!" at DUT0 and check if output contains the following tokens:
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character classShow output
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed CLI Error: Command error
Step 3: Run command set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-amet-vita at DUT0 and check if output contains the following tokens:
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character classShow output
Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed CLI Error: Command error
Step 4: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set system conntrack logging events all set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 5: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols static route 0.0.0.0/0 next-hop 192.168.100.1 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 6: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.835 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.835/0.835/0.835/0.000 ms
Step 7: Ping IP address 192.168.100.1 from DUT1:
admin@DUT1$ ping 192.168.100.1 count 1 size 56 timeout 1Show output
PING 192.168.100.1 (192.168.100.1) 56(84) bytes of data. 64 bytes from 192.168.100.1: icmp_seq=1 ttl=64 time=0.463 ms --- 192.168.100.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.463/0.463/0.463/0.000 ms
Step 8: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit\[.*\]:.*\[((NEW)|(UPDATE)|(DESTROY))\].*SRC=192.168.100.2Show output
May 05 02:48:34.284666 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 1.8M, max 13.8M, 11.9M free. May 05 02:48:34.285068 osdx systemd-journald[1908]: Received client request to rotate journal, rotating. May 05 02:48:34.285096 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2. May 05 02:48:34.293784 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'. May 05 02:48:34.477685 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'. May 05 02:48:34.669113 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:48:34.725002 osdx cfgd[1648]: [598646]Command output: Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed May 05 02:48:34.725603 osdx OSDxCLI[598646]: User 'admin' entered an invalid command: 'set system conntrack logging identity "he||o w@rld!"'. May 05 02:48:34.825984 osdx cfgd[1648]: [598646]Command output: Identity name must be 92 characters or less and must contain printable characters except those defined as part of the space character class Value validation failed May 05 02:48:34.826574 osdx OSDxCLI[598646]: User 'admin' entered an invalid command: 'set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-amet-vita'. May 05 02:48:34.842078 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:34.997888 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu. May 05 02:48:35.076292 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 192.168.100.1/24'. May 05 02:48:35.143123 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging events all'. May 05 02:48:35.196799 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system conntrack logging identity Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit'. May 05 02:48:35.295156 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'. May 05 02:48:35.350614 osdx ubnt-cfgd[692397]: inactive May 05 02:48:35.368254 osdx INFO[692403]: FRR daemons did not change May 05 02:48:35.400829 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 May 05 02:48:35.440941 osdx WARNING[692475]: No supported link modes on interface eth0 May 05 02:48:35.442259 osdx modulelauncher[692475]: osdx.utils.xos cmd error: /sbin/ethtool -A eth0 autoneg on May 05 02:48:35.442270 osdx modulelauncher[692475]: Command '/sbin/ethtool -A eth0 autoneg on' returned non-zero exit status 76. May 05 02:48:35.443396 osdx modulelauncher[692475]: osdx.utils.xos cmd error: /sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off -- May 05 02:48:35.443403 osdx modulelauncher[692475]: Command '/sbin/ethtool -s eth0 autoneg on advertise Pause off Asym_Pause off --' returned non-zero exit status 75. May 05 02:48:35.537143 osdx systemd[1]: Starting ulogd2.service - Netfilter Userspace Logging Daemon... May 05 02:48:35.537880 osdx systemd[1]: Started ulogd2.service - Netfilter Userspace Logging Daemon. May 05 02:48:35.538007 osdx ulogd[692500]: registering plugin `NFCT' May 05 02:48:35.538046 osdx ulogd[692500]: registering plugin `IP2STR' May 05 02:48:35.538078 osdx ulogd[692500]: registering plugin `PRINTFLOW' May 05 02:48:35.538115 osdx ulogd[692500]: registering plugin `SYSLOG' May 05 02:48:35.538118 osdx ulogd[692500]: building new pluginstance stack: 'ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,sys1:SYSLOG' May 05 02:48:35.538157 osdx ulogd[692500]: NFCT plugin working in event mode May 05 02:48:35.538164 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[692500]: Changing UID / GID May 05 02:48:35.538235 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[692500]: initialization finished, entering main loop May 05 02:48:35.539003 osdx cfgd[1648]: [598646]Completed change to active configuration May 05 02:48:35.550011 osdx OSDxCLI[598646]: User 'admin' committed the configuration. May 05 02:48:35.569273 osdx OSDxCLI[598646]: User 'admin' left the configuration menu. May 05 02:48:36.323658 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[692500]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:48:36.323678 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[692500]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:48:36.395422 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[692500]: [NEW] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 May 05 02:48:36.395445 osdx Lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-quisque-lorem-ipsum-dolor-sit-ame-vit[692500]: [UPDATE] ORIG: SRC=192.168.100.2 DST=192.168.100.1 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0 , REPLY: SRC=192.168.100.1 DST=192.168.100.2 PROTO=ICMP TYPE=0 CODE=8 PKTS=0 BYTES=0