Commit Briefs

321e4e2c02 Stefan Sperling

safely install configs by using rename(2) (install-conf)

Instead of opening config files in append mode, writing a single line and closing them again, over and over, use a temporary file which collects file contents and then rename this file on top of the actual config file stored in /var/run. This prevents a bug where config content was repeatedly appended to files in /var/run. Renaming files on top is also safer and more transactional because other programs reading these files won't see half-way written content.


1d023088c2 Stefan Sperling

don't skip empty lines in rules which store file contents


9bdde78d5a Stefan Sperling

make the rtable command actually update the rtable of the nsh process

The assumption that nsh always runs in rdomain 0 is invalid. Stop assuming that cli_rtable is set to zero by default, and switch the nsh process rdomain accordingly as needed. Tests + ok Tom


2fae624233 Stefan Sperling

on startup, initialize cli_rtable to the current rdomain

Fixes behaviour when nsh starts in a non-default rdomain. We used to assume to start out in rdomain 0, which is not necessarily the case. ok Tom


2a0ad55e61 Stefan Sperling

use cli_rtable to construct the bgp socket path, not getrtable(2)

ok Tom


b3ef1874c3 Stefan Sperling

remove fallback code for OpenBSD 6.8 and earlier


8b2d313fcf Stefan Sperling

remove references to dhclient(8); obsolete since OpenBSD 7.2

Should fix github issue #163 as a side effect


ce8077eccc GitHub

Merge pull request #161 from smytht/logger

add logger command for entering messages into the ..


309124c7f0 GitHub

Update extensive-nsh-openbsd-integrate.sh move motd on import

move /etc/motd on import so the sym link works then


4282096ce0 GitHub

add logger command for entering messages into the ..

system log or /var/log/messages


Branches
































Tags

Tree

.gitignorecommits | blame
COPYRIGHTcommits | blame
Makefilecommits | blame
README.mdcommits | blame
arp.ccommits | blame
bgpcommands.ccommits | blame
bgpnsh/
bridge.ccommits | blame
bridge.hcommits | blame
carp.ccommits | blame
cmdargs.ccommits | blame
commands.ccommits | blame
commands.hcommits | blame
compile.shcommits | blame
complete.ccommits | blame
conf.ccommits | blame
ctl.ccommits | blame
ctl.hcommits | blame
ctlargs.ccommits | blame
editing.hcommits | blame
externs.hcommits | blame
genget.ccommits | blame
hashtable.ccommits | blame
helpcommands.ccommits | blame
ieee80211.ccommits | blame
if.ccommits | blame
ip.hcommits | blame
kroute.ccommits | blame
main.ccommits | blame
makeargv.ccommits | blame
mantab.sh*commits | blame
media.ccommits | blame
more.ccommits | blame
nameserver.ccommits | blame
ndp.ccommits | blame
nopt.ccommits | blame
nsh-dist.txtcommits | blame
nsh-version.mkcommits | blame
nsh.8commits | blame
nsh.rccommits | blame
nshdoas/
passwd.ccommits | blame
pflow.ccommits | blame
pfsync.ccommits | blame
ppp.ccommits | blame
prompt.ccommits | blame
route.ccommits | blame
save-ro.sh*commits | blame
save-rw.sh*commits | blame
scripts/
show.ccommits | blame
sqlite3.ccommits | blame
stats.ccommits | blame
stringlist.ccommits | blame
stringlist.hcommits | blame
sysctl.ccommits | blame
sysctl.hcommits | blame
trunk.ccommits | blame
tunnel.ccommits | blame
umb.ccommits | blame
utf8.ccommits | blame
utils.ccommits | blame
version.ccommits | blame
wg.ccommits | blame
who.ccommits | blame

README.md

# nsh 

## network shell

---
Author and Founder of the project: Chris Cappuccio <chris@nmedia.net>

NSH is a CLI intended for OpenBSD-based network appliances. It replaces
ifconfig, sysctl and route with its own simple command language, and
encapsulates configuration for other daemons into one place, effectively
replacing /etc/netstart and parts of /etc/rc for appliance-style usage.

## Daemons and services encapsulated by nsh:

bgpd, dhcpd, dhcpleased, dhcrelay, dvmrpd, eigrpd, ftp-proxy, ifstated, inetd, 
iked, ipsecctl, ldapd, ldpd, npppd, ntpd, ospfd, ospf6d, pf, rad, relayd, 
resolvd, ripd, sasyncd, slaacd, smtpd, snmpd, sshd, tftpd, tftp-proxy.

---

## License 

NSH is freely licensed, in the BSD style.

In conjunction with the OpenBSD kernel and the daemons you wish to control,
you have a fully functioning network appliance type of system.

---

## NSH Manual

See [https://github.com/yellowman/nsh/wiki/NSH-Manual-page](https://github.com/yellowman/nsh/wiki/NSH-1.2.x-Manual-Page) 
or nsh.8 manual for detailed installation instructions and command set.

nsh manual is available on your system shell by simply typing the command:

```shell
 man nsh
```

---

## Manual pages from within NSH

For your convenience we have included handy manual page search  for commonly 
used network functionality. 

this feature is available in nsh by simply typing the command:

```shell
manual [searchterm]
```
E.g. searching vlan functionality 

```shell
manual vlan
```

The system also gives a list of searchable terms through double tab completion.

---

## Other Relevant NSH Documentation
See the to-do list on https://github.com/users/yellowman/projects/1 for 
details on implementation status and future ideas.

See http://github.com/yellowman/nsh/ for current source code repository.
See http://www.nmedia.net/nsh/ for example configurations and mailing
list.

See https://www.youtube.com/watch?v=9T9-v5NLjXk for a BSDCAN 2024 
Presentation on Supporting Business IT and network needs with OpenBSD and NSH By: Tom Smyth

See https://www.youtube.com/watch?v=WMKxIHaWaG0 for an EurobsdCon 2022 
Presentation on NSH for network administrators By: Tom Smyth 

---

## Quickstart Guide for installing and building **nsh** on an OpenBSD system

1. Install OpenBSD on your system  by running the following commands in your system shell

2. Install the OpenBSD port of nsh on your system (this will install the latest nsh release version)
```shell
pkg_add nsh  
```

3. Install git on your system to allow fetching more recent versions of nsh from github
```shell
pkg_add git
```

4. To download the latest development of nsh use git to download the latest nsh repository
```shell
git clone https://github.com/yellowman/nsh
```

5. Change directory to the downloaded nsh directory
```shell
cd nsh
```

6. Run make to build / compile the sources
```shell
make
```

7. Install the compiled nsh binaries and supporting files (you will need root privileges to do this).
```shell
make install
```

8. To have nsh take over the configuration of a system a number of steps that need to be carried out such as

9. Backup configuration of system, daemons and network in /etc 

10. Copy the configuration files to /var/run/example-configfilename.0  (the .0 file extension) implies running in the default rdomain / rtable (rdomain 0)

11. save the running config to /etc/nshrc

12. secure the /etc/nshrc file so that world cannot read, write or execute it . 

13. configure the system to run nsh -i /etc/nshrc  either adding a line to /etc/rc.local or using an rccctl script for nsh.

  For the users convenience, the above steps (9-13) can be largely automated by running  the **rc.local-nsh-openbsd-integrate.sh** script  in your system shell
  and following on screen instructions.

- If you have downloaded nsh via git you can run the integration script as follows 
```shell
cd nsh
cd scripts/shell
sh ./rc.local-nsh-openbsd-integrate.sh
```

- If you have installed nsh via the OpenBSD ports package you can run the integration script as follows
```shell
cd /usr/local/share/exampes/nsh
cd scripts/shell
sh ./rc.local-nsh-openbsd-integrate.sh
```

14. once configuration has been imported, restart the system and verify nsh config is running as expected.

15. Setting NSH as the default shell for a user

- Login as the user
- locate nsh binary, it is usually in /usr/local/bin/nsh
- at the command prompt run chsh -s command to set the shell to path to the nsh binary
by running the following command in your system shell
```shell
chsh -s /usr/local/bin/nsh
```

16. please provide feedback , bug repots and suggestions to the developers on	our mailing list  <nsh@lists.deschutesdigital.com> .