diff options
| -rw-r--r-- | debian/control | 20 | ||||
| -rwxr-xr-x | gen-interface-policy-templates.pl | 18 | ||||
| -rwxr-xr-x | gen-interface-templates.pl | 30 |
3 files changed, 16 insertions, 52 deletions
diff --git a/debian/control b/debian/control index 2b31a4c..335bd13 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: contrib/net Priority: extra Maintainer: VyOS Package Maintainers <maintainers@vyos.net> Build-Depends: debhelper (>= 5), autotools-dev -Standards-Version: 3.7.2 +Standards-Version: 3.9.1 Package: vyatta-cfg-firewall Architecture: all @@ -22,9 +22,9 @@ Depends: sed (>= 4.1.5), whois, sudo, snmpd, - ipset -Replaces: vyatta-serial, - vyatta-cfg-system, + ipset, + iptables +Replaces: vyatta-cfg-system, vyatta-openvpn, vyatta-wirelessmodem Suggests: util-linux (>= 2.13-5), @@ -32,13 +32,5 @@ Suggests: util-linux (>= 2.13-5), ethtool, ncurses-bin (>= 5.5-5), ntpdate -Description: Vyatta firewall configuration templates/scripts - Vyatta firewall configuration templates and scripts. - -Package: vyatta-cfg-firewall-serial -Architecture: all -Depends: vyatta-cfg-firewall, - vyatta-serial -Replaces: vyatta-cfg-firewall -Description: vyatta-cfg-firewall serial templates - Vyatta firewall configuration templates for serial devices +Description: VyOS firewall configuration templates/scripts + VyOS firewall configuration templates and scripts. diff --git a/gen-interface-policy-templates.pl b/gen-interface-policy-templates.pl index 884dc67..ae77a7f 100755 --- a/gen-interface-policy-templates.pl +++ b/gen-interface-policy-templates.pl @@ -19,6 +19,8 @@ # Description: Script to automatically generate per-interface firewall # templates. # +# Portions copyright by VyOS maintainers and contributors, 2015. +# # **** End License **** # use strict; @@ -34,11 +36,6 @@ my $debug = 0; # the partial pathname under the config template tree "interfaces/". # my %interface_hash = ( - 'adsl/node.tag/pvc/node.tag/bridged-ethernet' => '$VAR(../../../../@)', - 'adsl/node.tag/pvc/node.tag/classical-ipoa' => '$VAR(../../../../@)', - 'adsl/node.tag/pvc/node.tag/pppoa/node.tag' => 'pppoa$VAR(../../@)', - 'adsl/node.tag/pvc/node.tag/pppoe/node.tag' => 'pppoe$VAR(../../@)', - 'bonding/node.tag' => '$VAR(../../@)', 'bonding/node.tag/vif/node.tag' => '$VAR(../../../@).$VAR(../../@)', 'bonding/node.tag/vif-s/node.tag' => '$VAR(../../../@).$VAR(../../@)', @@ -68,16 +65,9 @@ my %interface_hash = ( 'vxlan/node.tag' => '$VAR(../../@)', - 'multilink/node.tag/vif/node.tag' => '$VAR(../../../@)', - - 'serial/node.tag/cisco-hdlc/vif/node.tag' => - '$VAR(../../../../@).$VAR(../../@)', - 'serial/node.tag/frame-relay/vif/node.tag' => - '$VAR(../../../../@).$VAR(../../@)', - 'serial/node.tag/ppp/vif/node.tag' => - '$VAR(../../../../@).$VAR(../../@)', - 'wirelessmodem/node.tag' => '$VAR(../../@)', + + 'dummy/node.tag' => '$VAR(../../@)' ); # The subdirectory where the generated templates will go diff --git a/gen-interface-templates.pl b/gen-interface-templates.pl index 7c037b6..2de86c5 100755 --- a/gen-interface-templates.pl +++ b/gen-interface-templates.pl @@ -19,6 +19,8 @@ # Description: Script to automatically generate per-interface firewall # templates. # +# Portions copyright by VyOS maintainers and contributors, 2015. +# # **** End License **** # use strict; @@ -34,11 +36,6 @@ my $debug = 0; # the partial pathname under the config template tree "interfaces/". # my %interface_hash = ( - 'adsl/node.tag/pvc/node.tag/bridged-ethernet' => '$VAR(../../../../../@)', - 'adsl/node.tag/pvc/node.tag/classical-ipoa' => '$VAR(../../../../../@)', - 'adsl/node.tag/pvc/node.tag/pppoa/node.tag' => 'pppoa$VAR(../../../@)', - 'adsl/node.tag/pvc/node.tag/pppoe/node.tag' => 'pppoe$VAR(../../../@)', - 'bonding/node.tag' => '$VAR(../../../@)', 'bonding/node.tag/vif/node.tag' => '$VAR(../../../../@).$VAR(../../../@)', 'bonding/node.tag/vif-s/node.tag' => '$VAR(../../../../@).$VAR(../../../@)', @@ -69,53 +66,38 @@ my %interface_hash = ( 'vxlan/node.tag' => '$VAR(../../../@)', - 'multilink/node.tag/vif/node.tag' => '$VAR(../../../../@)', - - 'serial/node.tag/cisco-hdlc/vif/node.tag' => - '$VAR(../../../../../@).$VAR(../../../@)', - 'serial/node.tag/frame-relay/vif/node.tag' => - '$VAR(../../../../../@).$VAR(../../../@)', - 'serial/node.tag/ppp/vif/node.tag' => - '$VAR(../../../../../@).$VAR(../../../@)', - 'wirelessmodem/node.tag' => '$VAR(../../../@)', + + 'dummy/node.tag' => '$VAR(../../../@)' ); # Firewall node hashes my %firewall_hash = ( - 'adsl/node.tag/pvc/node.tag/bridged-ethernet' => 'adsl $VAR(../../../@) pvc $VAR(../../@) bridged-ethernet', - 'adsl/node.tag/pvc/node.tag/classical-ipoa' => 'adsl $VAR(../../../@) pvc $VAR(../../@) classical-ipoa', - 'adsl/node.tag/pvc/node.tag/pppoa/node.tag' => 'adsl $VAR(../../../@) pvc $VAR(../../@) pppoa $VAR(../@)', - 'adsl/node.tag/pvc/node.tag/pppoe/node.tag' => 'adsl $VAR(../../../@) pvc $VAR(../../@) pppoe $VAR(../@)', 'bonding/node.tag' => 'bonding $VAR(../@)', 'bonding/node.tag/vif/node.tag' => 'bonding $VAR(../../../@) vif $VAR(../@)', 'bonding/node.tag/vif-s/node.tag' => 'bonding $VAR(../../../@) vif-s $VAR(../@)', 'bonding/node.tag/vif-s/node.tag/vif-c/node.tag' => 'bonding $VAR(../../../../@) vif-s $VAR(../../@) vif-c $VAR(../@)', 'bridge/node.tag' => 'bridge $VAR(../@)', 'ethernet/node.tag' => 'ethernet $VAR(../@)', - 'ethernet/node.tag/pppoa/node.tag' => 'ethernet $VAR(../../@) pppoa $VAR(../@)', 'ethernet/node.tag/pppoe/node.tag' => 'ethernet $VAR(../../@) pppoe $VAR(../@)', 'ethernet/node.tag/vif/node.tag' => 'ethernet $VAR(../../../@) vif $VAR(../@)', 'ethernet/node.tag/vif-s/node.tag' => 'ethernet $VAR(../../../@) vif-s $VAR(../@)', 'ethernet/node.tag/vif-s/node.tag/vif-c/node.tag' => 'ethernet $VAR(../../../../@) vif-s $VAR(../../@) vif-c $VAR(../@)', 'ethernet/node.tag/vif/node.tag/pppoe/node.tag' => 'ethernet $VAR(../../../../@) vif $VAR(../../@) pppoe $VAR(../@)', 'input/node.tag' => 'input $VAR(../@)', - 'multilink/node.tag/vif/node.tag' => 'multilink $VAR(../../../@) vif $VAR(../@)', 'openvpn/node.tag' => 'openvpn $VAR(../@)', 'pseudo-ethernet/node.tag' => 'pseudo-ethernet $VAR(../@)', 'pseudo-ethernet/node.tag/vif/node.tag' => 'pseudo-ethernet $VAR(../../../@) vif $VAR(../@)', 'pseudo-ethernet/node.tag/vif-s/node.tag' => 'pseudo-ethernet $VAR(../../../@) vif-s $VAR(../@)', 'pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag' => 'pseudo-ethernet $VAR(../../../../@) vif-s $VAR(../../@) vif-c $VAR(../@)', - 'serial/node.tag/cisco-hdlc/vif/node.tag' => 'serial $VAR(../../../@) cisco-hdlc vif $VAR(../@)', - 'serial/node.tag/frame-relay/vif/node.tag' => 'serial $VAR(../../../@) frame-relay vif $VAR(../@)', - 'serial/node.tag/ppp/vif/node.tag' => 'serial $VAR(../../../@) ppp vif $VAR(../@)', 'tunnel/node.tag' => 'tunnel $VAR(../@)', 'vti/node.tag' => 'vti $VAR(../@)', 'wireless/node.tag' => 'wireless $VAR(../@)', 'wireless/node.tag/vif/node.tag' => 'wireless $VAR(../../../@) vif $VAR(../@)', 'wirelessmodem/node.tag' => 'wirelessmodem $VAR(../@)', 'l2tpv3/node.tag' => 'l2tpv3 $VAR(../@)', - 'vxlan/node.tag' => 'vxlan $VAR(../@)' + 'vxlan/node.tag' => 'vxlan $VAR(../@)', + 'dummy/node.tag' => 'dummy $VAR(../@)' ); # Hash table to check if the priority needs to set @ root |