millisecond accuracy.
@end deffn
+@deffn Command {log commands} {}
+This command enables the logging of all commands typed by a user to
+all enabled log destinations. The note that logging includes full
+command lines, including passwords. Once set, command logging can only
+be turned off by restarting the daemon.
+@end deffn
+
@deffn Command {service password-encryption} {}
Encrypt password.
@end deffn
/* Integrated configuration file path */
char integrate_default[] = SYSCONFDIR INTEGRATE_DEFAULT_CONFIG;
+static int do_log_commands = 0;
/* VTY standard output function. */
int
int ret;
vector vline;
const char *protocolname;
- char *cp;
+ char *cp = NULL;
/*
* Log non empty command lines
*/
- cp = buf;
+ if (do_log_commands)
+ cp = buf;
if (cp != NULL)
{
/* Skip white spaces. */
snprintf(prompt_str, sizeof(prompt_str), cmd_prompt (vty->node), vty_str);
/* now log the command */
- zlog(NULL, LOG_NOTICE, "%s%s", prompt_str, buf);
+ zlog(NULL, LOG_ERR, "%s%s", prompt_str, buf);
}
/* Split readline string up into the vector */
vline = cmd_make_strvec (buf);
return CMD_SUCCESS;
}
+/* vty login. */
+DEFUN (log_commands,
+ log_commands_cmd,
+ "log commands",
+ "Logging control\n"
+ "Log all commands (can't be unset without restart)\n")
+{
+ do_log_commands = 1;
+ return CMD_SUCCESS;
+}
+
/* Display current configuration. */
static int
vty_config_write (struct vty *vty)
else
vty_out (vty, " anonymous restricted%s", VTY_NEWLINE);
}
-
+
+ if (do_log_commands)
+ vty_out (vty, "log commands%s", VTY_NEWLINE);
+
vty_out (vty, "!%s", VTY_NEWLINE);
return CMD_SUCCESS;
install_element (CONFIG_NODE, &service_advanced_vty_cmd);
install_element (CONFIG_NODE, &no_service_advanced_vty_cmd);
install_element (CONFIG_NODE, &show_history_cmd);
+ install_element (CONFIG_NODE, &log_commands_cmd);
install_element (ENABLE_NODE, &terminal_monitor_cmd);
install_element (ENABLE_NODE, &terminal_no_monitor_cmd);
install_element (ENABLE_NODE, &no_terminal_monitor_cmd);
projects / matthieu / frr.git / commitdiff