diff options
author | James Davidson <james.davidson@vyatta.com> | 2013-05-21 17:57:25 -0700 |
---|---|---|
committer | James Davidson <james.davidson@vyatta.com> | 2013-05-22 16:47:05 -0700 |
commit | 9339770e2f8a874c4f9befa05613c842f2b9b3a9 (patch) | |
tree | d9680ebc8316ed6e714b3997a83a8d0364739105 /gen-interface-templates.pl | |
parent | ebd75fd25ddede4a6797ebe5a9f4c0195d1dce17 (diff) | |
download | vyatta-cfg-firewall-9339770e2f8a874c4f9befa05613c842f2b9b3a9.tar.gz vyatta-cfg-firewall-9339770e2f8a874c4f9befa05613c842f2b9b3a9.zip |
Enable generation of SNMP traps on firewall config changes
Adds call to vyatta-firewall-trap.pl to end action of firewall
nodes.
Diffstat (limited to 'gen-interface-templates.pl')
-rwxr-xr-x | gen-interface-templates.pl | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/gen-interface-templates.pl b/gen-interface-templates.pl index 817aa4d..d22ab8a 100755 --- a/gen-interface-templates.pl +++ b/gen-interface-templates.pl @@ -71,6 +71,35 @@ my %interface_hash = ( 'wirelessmodem/node.tag' => '$VAR(../../../@)', ); +# Firewall node hashes +my %firewall_hash = ( + 'adsl/node.tag/pvc/node.tag/bridged-ethernet' => 'adsl $VAR(../../../@) pvc $VAR(../../@) bridged-ethernet', + 'adsl/node.tag/pvc/node.tag/classical-ipoa' => 'adsl $VAR(../../../@) pvc $VAR(../../@) classical-ipoa', + 'adsl/node.tag/pvc/node.tag/pppoa/node.tag' => 'adsl $VAR(../../../@) pvc $VAR(../../@) pppoa $VAR(../@)', + 'adsl/node.tag/pvc/node.tag/pppoe/node.tag' => 'adsl $VAR(../../../@) pvc $VAR(../../@) pppoe $VAR(../@)', + 'bonding/node.tag' => 'bonding $VAR(../@)', + 'bonding/node.tag/vif/node.tag' => 'bonding $VAR(../../../@) vif $VAR(../@)', + 'bridge/node.tag' => 'bridge $VAR(../@)', + 'ethernet/node.tag' => 'ethernet $VAR(../@)', + 'ethernet/node.tag/pppoa/node.tag' => 'ethernet $VAR(../../@) pppoa $VAR(../@)', + 'ethernet/node.tag/pppoe/node.tag' => 'ethernet $VAR(../../@) pppoe $VAR(../@)', + 'ethernet/node.tag/vif/node.tag' => 'ethernet $VAR(../../../@) vif $VAR(../@)', + 'ethernet/node.tag/vif/node.tag/pppoe/node.tag' => 'ethernet $VAR(../../../../@) vif $VAR(../../@) pppoe $VAR(../@)', + 'input/node.tag' => 'input $VAR(../@)', + 'multilink/node.tag/vif/node.tag' => 'multilink $VAR(../../../@) vif $VAR(../@)', + 'openvpn/node.tag' => 'openvpn $VAR(../@)', + 'pseudo-ethernet/node.tag' => 'pseudo-ethernet $VAR(../@)', + 'pseudo-ethernet/node.tag/vif/node.tag' => 'pseudo-ethernet $VAR(../../../@) vif $VAR(../@)', + 'serial/node.tag/cisco-hdlc/vif/node.tag' => 'serial $VAR(../../../@) cisco-hdlc vif $VAR(../@)', + 'serial/node.tag/frame-relay/vif/node.tag' => 'serial $VAR(../../../@) frame-relay vif $VAR(../@)', + 'serial/node.tag/ppp/vif/node.tag' => 'serial $VAR(../../../@) ppp vif $VAR(../@)', + 'tunnel/node.tag' => 'tunnel $VAR(../@)', + 'vti/node.tag' => 'vti $VAR(../@)', + 'wireless/node.tag' => 'wireless $VAR(../@)', + 'wireless/node.tag/vif/node.tag' => 'wireless $VAR(../../../@) vif $VAR(../@)', + 'wirelessmodem/node.tag' => 'wirelessmodem $VAR(../@)', +); + # Hash table to check if the priority needs to set @ root # of the node.def which is generated. my %interface_prio = ( @@ -113,6 +142,9 @@ sub gen_firewall_template { print $tp "priority: $interface_prio{ $if_tree }\n"; } print $tp "help: Firewall options\n"; + die "ERROR: No firewall hash for ${if_tree}" unless $firewall_hash{"${if_tree}"}; + print $tp 'end: ${vyatta_sbindir}/vyatta-firewall-trap.pl --level="interfaces '; + print $tp $firewall_hash{"${if_tree}"} . ' firewall"' . "\n"; close $tp or die "Can't write $path/$node_file: $!"; } |