Reply
Ubiquiti Employee
UBNT-stig
Posts: 4,054
Registered: ‎06-09-2011
Posts: 4054
Kudos: 1303
Solutions: 357
Contributions: 14
Registered: 06-09-2011

EdgeOS CLI Primer (part 1)

Currently we only have the basic feature set implemented in the web UI, so until we get more implemented the CLI must be used to configure the other features.

- Operational mode vs Configuration mode

When you first login you are in operational mode. If you hit the '?' key it will display the commands available:
ubnt@ubnt:~$ ?                                                                   
add delete ping6 reset terminal
clear disconnect reboot restart traceroute
configure generate release set traceroute6
connect initial-setup remove show undebug
copy no rename shutdown
debug ping renew telnet

ubnt@ubnt:~$ show ?
arp flow-accounting nat table
bridge hardware ntp tech-support
configuration history openvpn ubnt
date host pppoe-server users
debugging incoming queueing version
dhcp interfaces reboot vpn
dhcpv6 ip route-map vrrp
disk ipv6 shutdown webproxy
dns lldp snmp zebra
file log switch
firewall login system

ubnt@ubnt:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 - u/u
eth1 - u/D
eth2 - u/D
eth3 - u/D
eth4 - u/D
eth5 - u/D
eth6 - u/D
lo 127.0.0.1/8 u/u

To change the configuration we must go into configuration mode.
ubnt@ubnt:~$ configure                                                          

ubnt@ubnt#

The '?' or tab completions also work in config mode:
ubnt@ubnt# show ?                                                              
interfaces service system

ubnt@ubnt# show ?
Possible completions:
interfaces Network interfaces
service Services
system System parameters

To configure an IP address on eth0:
ubnt@ubnt# set interfaces ethernet eth0 address ?                                
Possible completions:
IP address and prefix length

IPv6 address and prefix length
dhcp Dynamic Host Configuration Protocol
dhcpv6 Dynamic Host Configuration Protocol for IPv6


ubnt@ubnt# set interfaces ethernet eth0 address 10.1.1.80/23

ubnt@ubnt# set interfaces ethernet eth0 description "production LAN"

These changes are only changes to the "working" configuration not the "active". To see what changes have been made in the "working" configuration, use the "compare" command:
ubnt@ubnt# compare                                                              

+address 10.1.1.2/24
+description "production LAN"

Then to make the changes active we use the "commit" command:
ubnt@ubnt# commit                                                               

Assuming the commit didn't fail, then the changes are active. However if we reboot now those changes will be lost until we use the "save" command to store the "active" configuration to the boot configuration.
ubnt@ubnt# save                                                                 
Saving configuration to '/config/config.boot'...
Done

ubnt@ubnt# exit
exit
ubnt@ubnt:~$

ubnt@ubnt:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 10.1.1.80/23 u/u production LAN
eth1 - u/D
eth2 - u/D
eth3 - u/D
eth4 - u/D
eth5 - u/D
eth6 - u/D
lo 127.0.0.1/8 u/u
::1/128

ubnt@ubnt:~$ ping 10.1.0.1
PING 10.1.0.1 (10.1.0.1) 56(84) bytes of data.
64 bytes from 10.1.0.1: icmp_req=1 ttl=64 time=0.460 ms
64 bytes from 10.1.0.1: icmp_req=2 ttl=64 time=0.407 ms
^C
--- 10.1.0.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.407/0.433/0.460/0.033 ms
Ubiquiti Employee
UBNT-stig
Posts: 4,054
Registered: ‎06-09-2011
Posts: 4054
Kudos: 1303
Solutions: 357
Contributions: 14
Registered: 06-09-2011

Re: EdgeOS CLI Primer (part 1)

Ok, the forum wouldn't let me post my whole part 1, so here's the rest:
One of the first things you'll want to change is get rid of the default user and default password. To do that we create a new user, logout of the default user account, login with the new. Then delete the default user.
ubnt@ubnt:~$ configure 
ubnt@ubnt# set system login user stig authentication plaintext-password mypass

ubnt@ubnt# commit

ubnt@ubnt# save
Saving configuration to '/config/config.boot'...
Done

ubnt@ubnt# exit
exit
ubnt@ubnt:~$ exit
logout

Welcome to EdgeOS ubnt ttyS0

ubnt login: stig
Password:
Linux ubnt 2.6.32.13-UBNT #1 SMP Fri Jun 8 09:48:31 PDT 2012 mips64
Welcome to EdgeOS
stig@ubnt:~$ configure

stig@ubnt# delete system login user ubnt

stig@ubnt# commit

stig@ubnt# save
Saving configuration to '/config/config.boot'...
Done

stig@ubnt# exit
exit
stig@ubnt:~$

Note that the plaintext-password that you entered, gets converted to an encrypted password:
stig@ubnt:~$ configure                                                          

stig@ubnt# show system login
user stig {
authentication {
encrypted-password $1$mv8ERQ1T$7xq/eUDwy/5And7nV.9r6.
plaintext-password ""
}
}

stig@ubnt# exit
exit
stig@ubnt:~$


EdgeOS CLI Primer (part 2)
Regular Member
boydsoftprez
Posts: 402
Registered: ‎09-28-2009
Posts: 402
Kudos: 52
Registered: 09-28-2009

Re: EdgeOS CLI Primer (part 1)

Since this version of edgeOS seems to be based on Napa and big syntax changes were done in 6.4 it' probably better to look at these docs:

ftp.het.net/iso/vyatta/vc6.3/docs/


This is great. As someone who has never used a vyatta router this will be a great reference.

I noticed a few packages that I do not think I will find info in that documentation. ie. ubnt-pptp & ubnt-pppoe any cli primers for those?
Ubiquiti Employee
UBNT-stig
Posts: 4,054
Registered: ‎06-09-2011
Posts: 4054
Kudos: 1303
Solutions: 357
Contributions: 14
Registered: 06-09-2011

Re: EdgeOS CLI Primer (part 1)

This is great. As someone who has never used a vyatta router this will be a great reference.

I noticed a few packages that I do not think I will find info in that documentation. ie. ubnt-pptp & ubnt-pppoe any cli primers for those?
PPTP client and PPPOE server are packages we added (that's why they have a ubnt prefix instead of vyatta :icon_mrgreen:)
Ubiquiti Employee
UBNT-stig
Posts: 4,054
Registered: ‎06-09-2011
Posts: 4054
Kudos: 1303
Solutions: 357
Contributions: 14
Registered: 06-09-2011

Re: EdgeOS CLI Primer (part 1)

[ Edited ]
PPTP client and PPPOE server are packages we added (that's why they have a ubnt prefix instead of vyatta :icon_mrgreen:)

PPPoE server HOWTO

Member
marnog
Posts: 210
Registered: ‎07-30-2012
Posts: 210
Kudos: 40
Solutions: 6
Registered: 07-30-2012

Re: EdgeOS CLI Primer (part 1)

i try to access to the link  adn get this

 

Ubiquiti Employee
UBNT-stig
Posts: 4,054
Registered: ‎06-09-2011
Posts: 4054
Kudos: 1303
Solutions: 357
Contributions: 14
Registered: 06-09-2011

Re: EdgeOS CLI Primer (part 1)

[ Edited ]

marnog wrote:

i try to access to the link  adn get this


I'm not sure which link you tried to click, but it if was the pppoe server link, that was in the alpha forum and I have moved it to the public forum.  So try it again.

Member
marnog
Posts: 210
Registered: ‎07-30-2012
Posts: 210
Kudos: 40
Solutions: 6
Registered: 07-30-2012

Re: EdgeOS CLI Primer (part 1)

yes that the link of pppoe server link

 

now is ok

 

thank you..

 

have a nice time

Emerging Member
js
Posts: 104
Registered: ‎06-28-2013
Posts: 104
Kudos: 203
Registered: 06-28-2013

Re: EdgeOS CLI Primer (part 1)

Could you have this in PDF ? Would be nice to have a nicely formatted printout.

Regular Visitor
ryanhaver
Posts: 5
Registered: ‎11-02-2013
Posts: 5
Kudos: 10
Registered: 11-02-2013

Re: EdgeOS CLI Primer (part 1)

Is there a reference that is updated to show what functionality has been integrated into the GUI and what still needs to be managed from the CLI?

Thanks.

Ubiquiti Employee
UBNT-ancheng
Posts: 5,359
Registered: ‎06-10-2011
Posts: 5359
Kudos: 1570
Solutions: 641
Contributions: 2
Registered: 06-10-2011

Re: EdgeOS CLI Primer (part 1)

You can check out the User Guide, which can be downloaded from our Web site. It covers all the features in the GUI (currently it covers version 1.2 and is being updated for version 1.3).

Regular Visitor
ryanhaver
Posts: 5
Registered: ‎11-02-2013
Posts: 5
Kudos: 10
Registered: 11-02-2013

Re: EdgeOS CLI Primer (part 1)

Thanks for the quick response, that is a great place for me to start. :smileyvery-happy:

Wihtout some extra legwork I am still stuck not knowing what hasn't been implemented in the GUI yet. It would be fantastic if there was a quick reference that showed what currently hasn't been implemented.

Frequent Visitor
debdrup
Posts: 5
Registered: ‎02-24-2014
Posts: 5
Kudos: 2
Registered: 02-24-2014

Re: EdgeOS CLI Primer (part 1)

[ Edited ]

Quick question: Is there a way to do something similar to "show run | s <section>" which only shows a specific section of the configuration, rather than all of it as is printed by "show configuration" - I'm having pipe it like "show configuration | more" but sometimes it's easier to just grab a tiny section if you want to examine that.

Also, I'm not sure how many are aware of this, but EdgeOS includes "commit-confirm n" which will reboot the router to its previous configuration if you don't confirm a change within n minutes - quite useful when you're messing about with firewall rules and you don't have console access.

SuperUser
eejimm
Posts: 3,141
Registered: ‎12-08-2008
Posts: 3141
Kudos: 1693
Solutions: 70
Registered: 12-08-2008

Re: EdgeOS CLI Primer (part 1)

[ Edited ]

If you're logging in from something with a window manager there's always the scroll bar :biggrin:

Seriously, if you know the line number you can use head and tail, but the best way is to use vi and just edit the config file - /config/config.boot    Just don't save any changes you make unless you really want to...

Jim

 

"Excuse me, but I actually am a Rocket Scientist, and you, sir, are full of sh!t."
Best put-down ever...
Ubiquiti Employee
UBNT-stig
Posts: 4,054
Registered: ‎06-09-2011
Posts: 4054
Kudos: 1303
Solutions: 357
Contributions: 14
Registered: 06-09-2011

Re: EdgeOS CLI Primer (part 1)


debdrup wrote:

Quick question: Is there a way to do something similar to "show run | s <section>" which only shows a specific section of the configuration, rather than all of it as is printed by "show configuration" - I'm having pipe it like "show configuration | more" but sometimes it's easier to just grab a tiny section if you want to examine that.

Also, I'm not sure how many are aware of this, but EdgeOS includes "commit-confirm n" which will reboot the router to its previous configuration if you don't confirm a change within n minutes - quite useful when you're messing about with firewall rules and you don't have console access.


In configuration mode you can see just a section:

ubnt@WLB# show interfaces ethernet eth2
 address dhcp
 description WAN2
 duplex auto
 firewall {
     in {
         modify balance
         name WAN_IN
     }
     local {
         name WAN_LOCAL
     }
 }
 ip {
     source-validation strict
 }
 speed auto
[edit]

 Another this you can do from operational mode is:

ubnt@WLB:~$ show configuration commands | match dhcp-server
set service dhcp-server disabled false
set service dhcp-server hostfile-update disable
set service dhcp-server shared-network-name LAN authoritative enable
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 default-router 192.168.1.1
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 dns-server 8.8.8.8
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 lease 86400
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 start 192.168.1.10 stop 192.168.1.100
ubnt@WLB:~$ 
Ubiquiti Employee
UBNT-stig
Posts: 4,054
Registered: ‎06-09-2011
Posts: 4054
Kudos: 1303
Solutions: 357
Contributions: 14
Registered: 06-09-2011

Re: EdgeOS CLI Primer (part 1)

As for commit-confirm:

ubnt@WLB:~$ configure 
[edit]
ubnt@WLB# delete interfaces 
[edit]
ubnt@WLB# commit-confirm 3
commit confirm will be automatically reboot in 3 minutes unless confirmed
Proceed? [confirm][y]
[ interfaces ethernet eth0 ]
Can not delete eth0

[ interfaces ethernet eth2 address dhcp ]
Stopping DHCP client on eth2 ...
Stopping PPTP: pptpd.
Starting PPTP Daemon: pptpd.

[ interfaces ethernet eth2 ]
Can not delete eth2

[ interfaces ethernet eth1 ]
Can not delete eth1

[ interfaces loopback lo ]
Can not delete lo

Commit failed
[edit]

 Oh crap, if I was remote I'd be cut off now, but since I wasn't able to "confirm" it, it rebooted with the last config. :-)  Very handy for remote firewall changes.

Part 3 of the CLI Primer covers more config management.

SuperUser
mrjester
Posts: 994
Registered: ‎06-14-2012
Posts: 994
Kudos: 694
Solutions: 70
Contributions: 8
Registered: 06-14-2012

Re: EdgeOS CLI Primer (part 1)


debdrup wrote:

Quick question: Is there a way to do something similar to "show run | s <section>" which only shows a specific section of the configuration, rather than all of it as is printed by "show configuration" - I'm having pipe it like "show configuration | more" but sometimes it's easier to just grab a tiny section if you want to examine that.


From config mode, use the edit command to get to the level you want to show.  For example, if you want to see a firewall ruleset.  

edit firewall name eth0_in
show

 For the set command version

run show configuration commands

 

Ubiquiti Employee
UBNT-ancheng
Posts: 5,359
Registered: ‎06-10-2011
Posts: 5359
Kudos: 1570
Solutions: 641
Contributions: 2
Registered: 06-10-2011

Re: EdgeOS CLI Primer (part 1)


debdrup wrote:

Quick question: Is there a way to do something similar to "show run | s <section>" which only shows a specific section of the configuration, rather than all of it as is printed by "show configuration" - I'm having pipe it like "show configuration | more" but sometimes it's easier to just grab a tiny section if you want to examine that.


Actually the "CLI shell API" does provide such functions but they are not mapped to CLI commands yet. For example,

ubnt@ubnt:~$ cli-shell-api --show-active-only showConfig system syslog
global {
    facility all {
        level notice
    }
    facility protocols {
        level debug
    }
}
ubnt@ubnt:~$
Emerging Member
WhatTheHelll
Posts: 269
Registered: ‎03-19-2014
Posts: 269
Kudos: 22
Solutions: 1
Registered: 03-19-2014

Re: EdgeOS CLI Primer (part 1)

[ Edited ]

is there any chance to see both parts of CLI Primer - assembled together and published within small PDF file, available to download by consumers on relevant products, support pages ?

augmented by most popular examples fom "SOHO Config setup", probably.

also, CLI-part("Appendix A") of EdgeOS user manual - may welcome shortened version of all this above too, probably.

Member
CowboyJed
Posts: 682
Registered: ‎02-17-2014
Posts: 682
Kudos: 245
Solutions: 36
Registered: 02-17-2014

Re: EdgeOS CLI Primer (part 1)

For checking a particular portion of the configuration, I typically do it from configure mode.  IE:

configure

show firewall name LAN-WAN

Reply