From e92085a125f70e346801c22fc530ed8c2a8447e4 Mon Sep 17 00:00:00 2001 From: John Southworth Date: Mon, 5 Dec 2011 16:29:46 -0800 Subject: add priorities to vrrp traffic-policy so that it is executed after keepalived has started add mirror and redirect to ethernet vrrp interfaces --- gen-interface-templates.pl | 9 +++++---- .../vrrp/vrrp-group/node.tag/interface/mirror/node.def | 17 +++++++++++++++++ .../vrrp-group/node.tag/interface/redirect/node.def | 17 +++++++++++++++++ 3 files changed, 39 insertions(+), 4 deletions(-) create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/interface/mirror/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/interface/redirect/node.def diff --git a/gen-interface-templates.pl b/gen-interface-templates.pl index a86ffa7..c2293aa 100755 --- a/gen-interface-templates.pl +++ b/gen-interface-templates.pl @@ -66,7 +66,7 @@ my %interface_hash = ( ); sub gen_template { - my ( $inpath, $outpath, $ifname ) = @_; + my ( $inpath, $outpath, $ifname, $iftree ) = @_; print $outpath, "\n" if ($debug); opendir my $d, $inpath @@ -86,14 +86,15 @@ sub gen_template { or mkdir($out) or die "Can't create $out: $!"; - gen_template( $in, $out, $subif ); + gen_template( $in, $out, $subif, $iftree); next; } print "in: $in out: $out\n" if ($debug); open my $inf, '<', $in or die "Can't open $in: $!"; open my $outf, '>', $out or die "Can't open $out: $!"; - + + print $outf "priority: 820 \# after vrrp\n" if ($iftree =~ /vrrp/); while ( my $line = <$inf> ) { $line =~ s#\$IFNAME#$ifname#; print $outf $line; @@ -126,5 +127,5 @@ foreach my $if_tree ( keys %interface_hash ) { or mkdir_p($outpath) or die "Can't create $outpath:$!"; - gen_template( $inpath, $outpath, $interface_hash{$if_tree} ); + gen_template( $inpath, $outpath, $interface_hash{$if_tree}, $if_tree ); } diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/interface/mirror/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/interface/mirror/node.def new file mode 100644 index 0000000..0b2ca8c --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/interface/mirror/node.def @@ -0,0 +1,17 @@ +priority: 820 +type: txt +help: Incoming packet mirroring destination +allowed: ${vyatta_sbindir}/vyatta-interfaces.pl --show=ethernet + +val_help: Interface for packet mirroring + +commit:expression: $VAR(../redirect) == ""; \ + "interface $VAR(../../../../@)v$VAR(../../@) : can not do both redirect and mirror" + +commit:expression: $VAR(../traffic-policy/in) == ""; \ + "interface $VAR(../../../../@)v$VAR(../../@) : can not use ingress policy and mirror" + +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --dev $VAR(@) --check=all" + +update: /opt/vyatta/sbin/vyatta-qos.pl --update-action $VAR(../../../../@)v$VAR(../../@) +delete: /opt/vyatta/sbin/vyatta-qos.pl --delete-action $VAR(../../../../@)v$VAR(../../@) diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/interface/redirect/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/interface/redirect/node.def new file mode 100644 index 0000000..fcaaf15 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/interface/redirect/node.def @@ -0,0 +1,17 @@ +priority: 820 # after vrrp +type: txt +help: Incoming packet redirection destination +allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=input + +val_help: Interface for packet redirection + +commit:expression: $VAR(../mirror) == "";\ + "interface $VAR(../../../../@)v$VAR(../../@) : can not do both redirect and mirror" + +commit:expression: $VAR(../traffic-policy/in) == ""; \ + "interface $VAR(../../../../@)v$VAR(../../@) : can not use ingress policy and redirect" + +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --dev $VAR(@) --check=all" + +update: /opt/vyatta/sbin/vyatta-qos.pl --update-action $VAR(../../../../@)v$VAR(../../@) +delete: /opt/vyatta/sbin/vyatta-qos.pl --delete-action $VAR(../../../../@)v$VAR(../../@) -- cgit v1.2.3