Diffstat (limited to 'src')
-rwxr-xr-x | src/completion/list_interfaces.py | 1 | ||||
-rwxr-xr-x | src/conf_mode/https.py | 18 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-openvpn.py | 9 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-pppoe.py | 5 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-wireless.py | 28 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-wirelessmodem.py | 19 | ||||
-rwxr-xr-x | src/conf_mode/vpn_sstp.py | 12 | ||||
-rwxr-xr-x | src/conf_mode/vrf.py | 7 | ||||
-rwxr-xr-x | src/etc/ppp/ip-down.d/0020-wirelessmodem | 18 | ||||
-rwxr-xr-x | src/etc/ppp/ip-up.d/0020-wirelessmodem | 18 | ||||
-rw-r--r-- | src/etc/ppp/peers/chat/att | 6 | ||||
-rw-r--r-- | src/etc/ppp/peers/chat/sc1 | 13 | ||||
-rw-r--r-- | src/etc/ppp/peers/chat/verizon | 5 | ||||
-rwxr-xr-x | src/helpers/run-config-migration.py | 19 | ||||
-rwxr-xr-x | src/helpers/vyos-load-config.py | 8 | ||||
-rwxr-xr-x | src/helpers/vyos-merge-config.py | 10 | ||||
-rwxr-xr-x | src/op_mode/reset_openvpn.py | 21 | ||||
-rwxr-xr-x | src/op_mode/wireguard.py | 2 |
18 files changed, 123 insertions, 96 deletions
diff --git a/src/completion/list_interfaces.py b/src/completion/list_interfaces.py index 77de4e327..98b32797a 100755 --- a/src/completion/list_interfaces.py +++ b/src/completion/list_interfaces.py @@ -2,7 +2,6 @@ import sys import argparse -import vyos.interfaces from vyos.ifconfig import Interface parser = argparse.ArgumentParser() diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py index a0fe9cf2f..889b62cf4 100755 --- a/src/conf_mode/https.py +++ b/src/conf_mode/https.py @@ -96,6 +96,7 @@ server { """ default_server_block = { + 'id' : '', 'address' : '*', 'port' : '443', 'name' : ['_'], @@ -117,6 +118,7 @@ def get_config(): else: for vhost in conf.list_nodes('virtual-host'): server_block = deepcopy(default_server_block) + server_block['id'] = vhost if conf.exists(f'virtual-host {vhost} listen-address'): addr = conf.return_value(f'virtual-host {vhost} listen-address') server_block['address'] = addr @@ -156,9 +158,21 @@ def get_config(): if conf.exists('api port'): port = conf.return_value('api port') api_data['port'] = port + if conf.exists('api virtual-host'): + vhosts = conf.return_values('api virtual-host') + api_data['vhost'] = vhosts[:] + if api_data: - for block in server_block_list: - block['api'] = api_data + # we do not want to include 'vhost' key as part of + # vyos.defaults.api_data, so check for key existence + vhost_list = api_data.get('vhost') + if vhost_list is None: + for block in server_block_list: + block['api'] = api_data + else: + for block in server_block_list: + if block['id'] in vhost_list: + block['api'] = api_data https = {'server_block_list' : server_block_list, 'certbot': certbot} return https diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py index 17aa4697f..fb2d6e6d9 100755 --- a/src/conf_mode/interfaces-openvpn.py +++ b/src/conf_mode/interfaces-openvpn.py 
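Review bot: In src/conf_mode/https.py get_config() (hunk at -156), the names from `api virtual-host` are matched against `block['id']`, but nothing visible checks that each name is an existing `virtual-host` node. A mistyped name silently leaves the API off that server block, and the default block keeps `'id' : ''`, so a non-empty `vhost_list` can presumably never match it when no virtual hosts are configured. Conversely, leaving the option unset attaches the API to every server block. I would reject unknown names in verify() with a ConfigError and add a comment above the `vhost_list is None` branch, e.g. `# no restriction configured: API is served on every server block`. get_config() starts and ends outside these hunks, so verify() may already cover this.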
@@ -24,7 +24,6 @@ from stat import S_IRUSR,S_IRWXU,S_IRGRP,S_IXGRP,S_IROTH,S_IXOTH from grp import getgrnam from ipaddress import ip_address,ip_network,IPv4Interface from netifaces import interfaces -from psutil import pid_exists from pwd import getpwnam from subprocess import Popen, PIPE from time import sleep @@ -33,6 +32,7 @@ from shutil import rmtree from vyos import ConfigError from vyos.config import Config from vyos.ifconfig import VTunIf +from vyos.util import process_running from vyos.validate import is_addr_assigned user = 'openvpn' @@ -977,17 +977,12 @@ def generate(openvpn): return None def apply(openvpn): - pid = 0 pidfile = '/var/run/openvpn/{}.pid'.format(openvpn['intf']) - if os.path.isfile(pidfile): - pid = 0 - with open(pidfile, 'r') as f: - pid = int(f.read()) # Always stop OpenVPN service. We can not send a SIGUSR1 for restart of the # service as the configuration is not re-read. Stop daemon only if it's # running - it could have died or killed by someone evil - if pid_exists(pid): + if process_running(pidfile): cmd = 'start-stop-daemon' cmd += ' --stop ' cmd += ' --quiet' diff --git a/src/conf_mode/interfaces-pppoe.py b/src/conf_mode/interfaces-pppoe.py index 0c46dbecd..f318614db 100755 --- a/src/conf_mode/interfaces-pppoe.py +++ b/src/conf_mode/interfaces-pppoe.py @@ -325,6 +325,11 @@ def generate(pppoe): os.unlink(ip_pre_up_script_file) else: + # PPP peers directory + dirname = os.path.dirname(config_file_pppoe) + if not os.path.isdir(dirname): + os.mkdir(dirname) + # Create PPP configuration files tmpl = Template(config_pppoe_tmpl) config_text = tmpl.render(pppoe) diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py index 454ad96dc..b6e62b0aa 100755 --- a/src/conf_mode/interfaces-wireless.py +++ b/src/conf_mode/interfaces-wireless.py 
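Review bot: In src/conf_mode/interfaces-openvpn.py apply() (hunk at -977), the stop decision now rests entirely on `process_running(pidfile)`, whose body is not part of this diff. If it only tests that the PID in the file exists, a stale pidfile whose PID has been reused still leads `start-stop-daemon --stop --pidfile` to signal an unrelated process. The same pattern is introduced in the interfaces-wireless.py, vpn_sstp.py and reset_openvpn.py hunks; in reset_openvpn.py the whole command is visible and carries only `--pidfile`. Adding a match on the daemon itself, e.g. `cmd += ' --exec <path to the daemon binary>'`, would make the stop fail safe. It is also worth documenting how process_running() treats an empty or non-numeric pidfile, since the removed code raised on `int(f.read())`; apply() continues outside the hunk.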
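Review bot: In src/conf_mode/interfaces-pppoe.py generate() (hunk at -325), the `os.path.isdir` check followed by `os.mkdir(dirname)` is racy, fails when the parent directory is missing, and leaves the directory mode to the process umask. `os.makedirs(dirname, exist_ok=True)` does the same in one call. If the peers files written below hold PPP credentials (not visible in this hunk), pass an explicit `mode=` as well and check the permissions of the generated file. The identical block is added to interfaces-wirelessmodem.py generate() at -187. Both functions start and end outside their hunks.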
@@ -25,15 +25,15 @@ from grp import getgrnam from re import findall from subprocess import Popen, PIPE -from psutil import pid_exists from netifaces import interfaces from netaddr import * -from vyos.ifconfig import WiFiIf -from vyos.ifconfig_vlan import apply_vlan_config, verify_vlan_config +from vyos import ConfigError from vyos.configdict import list_diff, vlan_to_dict from vyos.config import Config -from vyos import ConfigError +from vyos.ifconfig import WiFiIf +from vyos.ifconfig_vlan import apply_vlan_config, verify_vlan_config +from vyos.util import process_running user = 'root' group = 'vyattacfg' @@ -1364,15 +1364,9 @@ def verify(wifi): return None def generate(wifi): - pid = 0 # always stop hostapd service first before reconfiguring it pidfile = get_pid('hostapd', wifi['intf']) - if os.path.isfile(pidfile): - pid = 0 - with open(pidfile, 'r') as f: - pid = int(f.read()) - - if pid_exists(pid): + if process_running(pidfile): cmd = 'start-stop-daemon' cmd += ' --stop ' cmd += ' --quiet' @@ -1382,12 +1376,7 @@ def generate(wifi): # always stop wpa_supplicant service first before reconfiguring it pidfile = get_pid('wpa_supplicant', wifi['intf']) - if os.path.isfile(pidfile): - pid = 0 - with open(pidfile, 'r') as f: - pid = int(f.read()) - - if pid_exists(pid): + if process_running(pidfile): cmd = 'start-stop-daemon' cmd += ' --stop ' cmd += ' --quiet' @@ -1409,7 +1398,10 @@ def generate(wifi): # http://wiki.stocksy.co.uk/wiki/Multiple_SSIDs_with_hostapd # generate locally administered MAC address from used phy interface with open('/sys/class/ieee80211/{}/addresses'.format(wifi['phy']), 'r') as f: - tmp = EUI(f.read().rstrip()).value + # some PHYs tend to have multiple interfaces and thus supply multiple MAC + # addresses - we only need the first one for our calculation + tmp = f.readline().rstrip() + tmp = EUI(tmp).value # mask last nibble from the MAC address tmp &= 0xfffffffffff0 # set locally administered bit in MAC address 
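Review bot: In src/conf_mode/interfaces-wireless.py generate() (hunk at -1409), `f.readline().rstrip()` yields an empty string when the sysfs `addresses` file is empty, and `EUI(tmp)` would then presumably raise from inside generate() as a raw traceback. A guard such as `if not tmp: raise ConfigError('no MAC address found for PHY')` keeps the failure readable; the message text is only a suggestion. Reusing `tmp` first for the string and then for the integer value also makes the masking lines harder to follow, so a separate name like `mac_str` would help. generate() continues outside the hunk.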
diff --git a/src/conf_mode/interfaces-wirelessmodem.py b/src/conf_mode/interfaces-wirelessmodem.py index 14178d74c..9efad3b8d 100755 --- a/src/conf_mode/interfaces-wirelessmodem.py +++ b/src/conf_mode/interfaces-wirelessmodem.py @@ -31,19 +31,14 @@ config_wwan_tmpl = """### Autogenerated by interfaces-wirelessmodem.py ### {% if description %} # {{ description }} {% endif %} - -# physical device -/dev/{{ device }} - -ipparam {{ intf }} {{ metric }} ifname {{ intf }} +ipparam "{{ intf }} {{ metric }}" linkname {{ intf }} -{% if on_demand -%} -demand -{%- endif %} {% if name_server -%} usepeerdns {%- endif %} +# physical device +/dev/{{ device }} lcp-echo-failure 0 115200 debug @@ -56,6 +51,9 @@ noauth crtscts lock persist +{% if on_demand -%} +demand +{%- endif %} connect '/usr/sbin/chat -v -t6 -f {{ chat_script }}' @@ -187,6 +185,11 @@ def generate(wwan): os.unlink(wwan['chat_script']) else: + # PPP peers directory + dirname = os.path.dirname(config_file_wwan) + if not os.path.isdir(dirname): + os.mkdir(dirname) + # Create PPP configuration files tmpl = Template(config_wwan_tmpl) config_text = tmpl.render(wwan) diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py index 8e5c7587c..070437443 100755 --- a/src/conf_mode/vpn_sstp.py +++ b/src/conf_mode/vpn_sstp.py @@ -23,9 +23,9 @@ from subprocess import Popen, PIPE, check_output from socket import socket, AF_INET, SOCK_STREAM from copy import deepcopy from stat import S_IRUSR, S_IWUSR, S_IRGRP -from psutil import pid_exists from vyos.config import Config +from vyos.util import process_running from vyos import ConfigError pidfile = r'/var/run/accel_sstp.pid' @@ -489,14 +489,8 @@ def generate(sstp): return sstp def apply(sstp): - pid = 0 - if os.path.isfile(pidfile): - pid = 0 - with open(pidfile, 'r') as f: - pid = int(f.read()) - if sstp is None: - if pid_exists(pid): + if process_running(pidfile): cmd = 'start-stop-daemon' cmd += ' --stop ' cmd += ' --quiet' 
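Review bot: In src/conf_mode/interfaces-wirelessmodem.py (template hunk at -31), `ipparam "{{ intf }} {{ metric }}"` packs two values into one quoted pppd option that the new ip-up.d and ip-down.d scripts split on whitespace. Correctness therefore depends on `intf` and `metric` never containing spaces or quotes, and nothing in this hunk shows that constraint. A template comment above the line, e.g. `# ipparam carries "<ifname> <metric>" for ip-up.d/ip-down.d 0020-wirelessmodem`, plus a check in verify() that metric is numeric, would document and enforce it. The template string starts and ends outside the hunk.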
@@ -509,7 +503,7 @@ def apply(sstp): return None - if not pid_exists(pid): + if not process_running(pidfile): if os.path.exists(pidfile): os.remove(pidfile) diff --git a/src/conf_mode/vrf.py b/src/conf_mode/vrf.py index 991c5cb2c..a74b79317 100755 --- a/src/conf_mode/vrf.py +++ b/src/conf_mode/vrf.py @@ -213,9 +213,10 @@ def apply(vrf_config): _cmd(f'sysctl -wq net.ipv4.tcp_l3mdev_accept={bind_all}') _cmd(f'sysctl -wq net.ipv4.udp_l3mdev_accept={bind_all}') - for vrf_name in vrf_config['vrf_remove']: - if os.path.isdir(f'/sys/class/net/{vrf_name}'): - _cmd(f'ip link delete dev {vrf_name}') + for vrf in vrf_config['vrf_remove']: + name = vrf['name'] + if os.path.isdir(f'/sys/class/net/{name}'): + _cmd(f'ip link delete dev {name}') for vrf in vrf_config['vrf_add']: name = vrf['name'] diff --git a/src/etc/ppp/ip-down.d/0020-wirelessmodem b/src/etc/ppp/ip-down.d/0020-wirelessmodem new file mode 100755 index 000000000..c93c7cabe --- /dev/null +++ b/src/etc/ppp/ip-down.d/0020-wirelessmodem @@ -0,0 +1,18 @@ +#!/bin/sh + +tty=$2 +ipparam=$6 + +# Only applicable for Wireless Modems (WWAN) +if [ -z "$(echo $tty | egrep "tty(USB|ACM)")" ]; then + exit 0 +fi + +# device name and metric are received using ipparam +device=`echo "$ipparam"|awk '{ print $1 }'` +metric=`echo "$ipparam"|awk '{ print $2 }'` + +vtysh -c "conf t" -c "no ip route 0.0.0.0/0 ${device} ${metric}" + +DIALER_PID=$(cat /var/run/${device}.pid) +logger -t pppd[$DIALER_PID] "removed default route via $device metric $metric" diff --git a/src/etc/ppp/ip-up.d/0020-wirelessmodem b/src/etc/ppp/ip-up.d/0020-wirelessmodem new file mode 100755 index 000000000..95549387b --- /dev/null +++ b/src/etc/ppp/ip-up.d/0020-wirelessmodem 
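Review bot: In src/conf_mode/vrf.py apply() (hunk at -213), `name` is interpolated into both a sysfs path and the command string `ip link delete dev {name}`. `_cmd` is defined outside the hunk, so if it runs through a shell the VRF name is interpreted by it. The value comes from the configuration and is presumably constrained by the CLI validators, but a short comment saying so (`# name is validated by the CLI as an interface name`) or an argv-list call would make that assumption explicit. Also, `vrf['name']` raises a KeyError or TypeError if a `vrf_remove` entry is still a plain string; the producer of that list is outside this diff, so confirm it now yields dicts.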
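Review bot: In src/etc/ppp/ip-down.d/0020-wirelessmodem, `$tty` is expanded unquoted, and `device` and `metric` taken from `ipparam` go into the `vtysh -c` command string and the `/var/run/${device}.pid` path without any check. ipparam is set from the generated peers file, so the values are normally trusted, but validating them is cheap defence in depth. `egrep` is also deprecated in favour of `grep -E`, and `cat` prints an error when the pidfile is absent. The same applies line for line to ip-up.d/0020-wirelessmodem; a possible rewrite of the guarded parts follows.

```shell
tty=$2
ipparam=$6

# Only applicable for Wireless Modems (WWAN)
case "$tty" in
    *ttyUSB*|*ttyACM*) ;;
    *) exit 0 ;;
esac

# … unchanged: device and metric extracted from ipparam with awk …

# refuse anything that is not a plain interface name and a numeric metric
case "$device" in
    ""|*[!A-Za-z0-9_.-]*) exit 0 ;;
esac
case "$metric" in
    ""|*[!0-9]*) exit 0 ;;
esac

# … unchanged: vtysh call removing the default route …

DIALER_PID=$(cat "/var/run/${device}.pid" 2>/dev/null)
# … unchanged: logger call …
```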
@@ -0,0 +1,18 @@ +#!/bin/sh + +tty=$2 +ipparam=$6 + +# Only applicable for Wireless Modems (WWAN) +if [ -z "$(echo $tty | egrep "tty(USB|ACM)")" ]; then + exit 0 +fi + +# device name and metric are received using ipparam +device=`echo "$ipparam"|awk '{ print $1 }'` +metric=`echo "$ipparam"|awk '{ print $2 }'` + +vtysh -c "conf t" -c "ip route 0.0.0.0/0 ${device} ${metric}" + +DIALER_PID=$(cat /var/run/${device}.pid) +logger -t pppd[$DIALER_PID] "added default route via $device metric $metric" diff --git a/src/etc/ppp/peers/chat/att b/src/etc/ppp/peers/chat/att deleted file mode 100644 index 7a02682f5..000000000 --- a/src/etc/ppp/peers/chat/att +++ /dev/null @@ -1,6 +0,0 @@ -ABORT 'NO DIAL TONE' ABORT 'NO ANSWER' ABORT 'NO CARRIER' ABORT DELAYED -'' AT -OK ATZ -OK 'AT+CGDCONT=1,"IP","ISP.CINGULAR"' -OK ATD*99# -CONNECT '' diff --git a/src/etc/ppp/peers/chat/sc1 b/src/etc/ppp/peers/chat/sc1 deleted file mode 100644 index fbfabd8c2..000000000 --- a/src/etc/ppp/peers/chat/sc1 +++ /dev/null @@ -1,13 +0,0 @@ -TIMEOUT 60 -ABORT ERROR -ABORT BUSY -ABORT VOICE -ABORT "NO CARRIER" -ABORT "NO DIALTONE" -ABORT "NO DIAL TONE" -ABORT "NO ANSWER" -"" "ATZ" -"" "AT&FH0M0" -OK-AT-OK "ATDT*99#" -TIMEOUT 75 -CONNECT diff --git a/src/etc/ppp/peers/chat/verizon b/src/etc/ppp/peers/chat/verizon deleted file mode 100644 index a36a3e915..000000000 --- a/src/etc/ppp/peers/chat/verizon +++ /dev/null @@ -1,5 +0,0 @@ -ABORT 'NO CARRIER' ABORT 'ERROR' ABORT 'NO DIALTONE' ABORT -'BUSY' ABORT 'NO ANSWER' -'' ATZ -OK-AT-OK ATDT#777 -CONNECT \d\c diff --git a/src/helpers/run-config-migration.py b/src/helpers/run-config-migration.py index a57a19cdf..3c06e38f8 100755 --- a/src/helpers/run-config-migration.py +++ b/src/helpers/run-config-migration.py 
@@ -69,15 +69,22 @@ def main(): sys.exit(1) if not virtual: - migration = Migrator(config_file_name, force=force_on, - set_vintage=vintage) + virtual_migration = VirtualMigrator(config_file_name) + virtual_migration.run() + + migration = Migrator(config_file_name, force=force_on) + migration.run() + + if not migration.config_changed(): + os.remove(backup_file_name) else: - migration = VirtualMigrator(config_file_name) + virtual_migration = VirtualMigrator(config_file_name, + set_vintage=vintage) - migration.run() + virtual_migration.run() - if not migration._changed: - os.remove(backup_file_name) + if not virtual_migration.config_changed(): + os.remove(backup_file_name) if __name__ == '__main__': main() diff --git a/src/helpers/vyos-load-config.py b/src/helpers/vyos-load-config.py index 4e6d67efa..693529c23 100755 --- a/src/helpers/vyos-load-config.py +++ b/src/helpers/vyos-load-config.py @@ -28,7 +28,7 @@ import tempfile import vyos.defaults import vyos.remote from vyos.config import Config, VyOSError -from vyos.migrator import Migrator, MigratorError +from vyos.migrator import Migrator, VirtualMigrator, MigratorError system_config_file = 'config.boot' @@ -73,6 +73,12 @@ with tempfile.NamedTemporaryFile() as fp: with open(fp.name, 'w') as fd: fd.write(config_file) + virtual_migration = VirtualMigrator(fp.name) + try: + virtual_migration.run() + except MigratorError as err: + sys.exit('{}'.format(err)) + migration = Migrator(fp.name) try: migration.run() diff --git a/src/helpers/vyos-merge-config.py b/src/helpers/vyos-merge-config.py index c5216daa6..10a5ea4bc 100755 --- a/src/helpers/vyos-merge-config.py +++ b/src/helpers/vyos-merge-config.py @@ -21,9 +21,9 @@ import subprocess import tempfile import vyos.defaults import vyos.remote -import vyos.migrator from vyos.config import Config from vyos.configtree import ConfigTree +from vyos.migrator import Migrator, VirtualMigrator if (len(sys.argv) < 2): 
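Review bot: In src/helpers/run-config-migration.py main() (hunk at -69), the non-virtual branch now runs VirtualMigrator and then Migrator on the same file, but the backup is deleted based on `migration.config_changed()` alone. If the virtual migration rewrote the file and the regular one found nothing to do, the backup of the pre-migration config would be removed; vyos-merge-config.py in this same commit checks both results. Suggest `if not (virtual_migration.config_changed() or migration.config_changed()):` before `os.remove(backup_file_name)`. Whether VirtualMigrator.run() writes the file is not visible here, so confirm. main() starts outside the hunk.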
@@ -61,9 +61,13 @@ with tempfile.NamedTemporaryFile() as file_to_migrate: with open(file_to_migrate.name, 'w') as fd: fd.write(config_file) - migration = vyos.migrator.Migrator(file_to_migrate.name) + virtual_migration = VirtualMigrator(file_to_migrate.name) + virtual_migration.run() + + migration = Migrator(file_to_migrate.name) migration.run() - if migration.config_changed(): + + if virtual_migration.config_changed() or migration.config_changed(): with open(file_to_migrate.name, 'r') as fd: config_file = fd.read() diff --git a/src/op_mode/reset_openvpn.py b/src/op_mode/reset_openvpn.py index 176cd51cf..4c29fbbba 100755 --- a/src/op_mode/reset_openvpn.py +++ b/src/op_mode/reset_openvpn.py @@ -17,10 +17,10 @@ import sys import os -from psutil import pid_exists from subprocess import Popen, PIPE from time import sleep from netifaces import interfaces +from vyos.util import process_running def get_config_name(intf): cfg_file = r'/opt/vyatta/etc/openvpn/openvpn-{}.conf'.format(intf) @@ -42,18 +42,13 @@ if __name__ == '__main__': interface = sys.argv[1] if os.path.isfile(get_config_name(interface)): pidfile = '/var/run/openvpn/{}.pid'.format(interface) - if os.path.isfile(pidfile): - pid = 0 - with open(pidfile, 'r') as f: - pid = int(f.read()) - - if pid_exists(pid): - cmd = 'start-stop-daemon' - cmd += ' --stop' - cmd += ' --oknodo' - cmd += ' --quiet' - cmd += ' --pidfile ' + pidfile - subprocess_cmd(cmd) + if process_running(pidfile): + cmd = 'start-stop-daemon' + cmd += ' --stop' + cmd += ' --oknodo' + cmd += ' --quiet' + cmd += ' --pidfile ' + pidfile + subprocess_cmd(cmd) # When stopping OpenVPN we need to wait for the 'old' interface to # vanish from the Kernel, if it is not gone, OpenVPN will report: diff --git a/src/op_mode/wireguard.py b/src/op_mode/wireguard.py index 38c061cf4..512c80dda 100755 --- a/src/op_mode/wireguard.py +++ b/src/op_mode/wireguard.py 
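Review bot: In src/helpers/vyos-merge-config.py (hunk at -61), `virtual_migration.run()` and `migration.run()` are called without handling MigratorError, while vyos-load-config.py in this commit wraps both calls and exits with the message. The file being merged may have been fetched through `vyos.remote` (imported above), so a malformed config is an expected input rather than a programming error and should not end in a traceback. Suggest importing MigratorError alongside Migrator and VirtualMigrator and wrapping each call in `try:` with `except MigratorError as err: sys.exit('{}'.format(err))`.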
@@ -150,7 +150,7 @@ if __name__ == '__main__': if args.listkdir: list_key_dirs() if args.showinterface: - intf = WireGuardIf(args.showinterface) + intf = WireGuardIf(args.showinterface, debug=False) intf.op_show_interface() if args.delkdir: if args.location: |