nsh 
description
NSH is a CLI intended for OpenBSD-based network appliances. It replaces
ifconfig, sysctl and route with its own simple command language, and
consolidates configuration for other daemons into one place, effectively
replacing /etc/netstart and parts of /etc/rc for appliance-style usage.
NSH presents the user with a vaguely cisco-like
interface with all configuration in one easy to read text list.
It also gives the user access to system information and
diagnostics. NSH replaces the userland commands which handle these functions,
and talks directly to the OpenBSD kernel or control utility for daemon functionality.
Supported external utilities:
tftpd, npppd, inetd, smtpd, ldapd, ifstated
bgpd, dhcpd, dhcpleased, dhcrelay, dvmrpd, eigrpd, ftp-proxy, ifstated, inetd,
iked, ipsecctl, ldapd, ldpd, npppd, ntpd, ospfd, ospf6d, pf, rad, relayd,
resolvd, ripd, sasyncd, slaacd, smtpd, snmpd, sshd, tftpd, tftp-proxy.
license
NSH is completely free, it only incorporates code with BSD-style licenses.
status
Follow OpenBSD ports (shells/nsh) or the github repository for updates. NSH 1.1 is the latest release.
New in 1.1:
- mandoc format manual page
- configure is now part of the typical usage pattern
- show vlan command for a quick view of vlans
- show bridge command for a quick view of bridges
- show interface status command for a quick view of interfaces
- Wireguard support
- ndp support
- static arp interface support
- nameserver support through resolvd (replaces dns local-control)
- interface command mode now requires 'exit' or '..' or ^X to leave
- add several networking related sysctls
- slaacd support, including show autoconf
- dhcpleased support, replacing dhclient
- rc.d scripts
- rad replaces rtadvd
- rxprio/txprio for interfaces (incl. bridges)
- llpriority for interfaces
- eigrpd support
- pair/patch support
- more sensible isakmpd default flags
- show ipsec sadb and show ipsec flows for IPsec users
- pflow support
- Numerous bug fixes
New in 1.0:
- Full routing table support across all supported commands, daemons and routing configuration
- All daemons and commands can now be used in any routing table and will be saved as such in nshrc
- Multiple daemons can be configured to run each within their own routing table with non-overlapping configuration
- Full IPv6 support in interface and routing configuration
- Use of SQLite as back-end for temporal data
- Slightly improved documentation
- Code is somewhat easier to read if you want to expand features (see TODO)
- tftpd, tftp-proxy, ospf6d, npppd support in ctl handler
- CARP and pfsync work properly now
- Lots of bug fixes
New in 20120523:
- Add ifstated handler
- Fix interface start order (Configs will now be organized to start interfaces in the same order as /etc/netstart. This will fix problems for some trunk and carp users.)
New in 20120521:
- Various updates to support newer versions of OpenBSD
- Pflow sender/receiver/version support
- Fix ftp-proxy handler to not use match rules in anchor
- Support interface MPLS and MPLS label configuration
- rdomain/rtable controls (per-route rtable, per-tunnel destination rdomain, per-interface rdomain)
- Random lladdr option adopted from ifconfig
- ldpd, iked, smtpd, ldapd daemon control integration
- Add pfsync defer option
- Add CARP balancing and carppeer options
- Add GRE keepalive option
- Fix trunkproto, trunk config actually works now
- Rename reload to reboot since so many utilities have their own 'reload' function that doesn't also reboot the machine
details
Check out examples for example NSH configurations.
development
download