diff options
author | Michael Larson <slioch@eng-140.vyatta.com> | 2008-02-20 13:36:00 -0800 |
---|---|---|
committer | Michael Larson <slioch@eng-140.vyatta.com> | 2008-02-20 13:36:00 -0800 |
commit | c3cf64a0273fd728d07a1ab7dd3a3a421d2f23f1 (patch) | |
tree | e4c289e33099612892c271ceeaacacf4a68bf2c3 | |
parent | 582eded822fadc05a1b60656e8c9920399e6a7f9 (diff) | |
download | vyatta-cfg-quagga-c3cf64a0273fd728d07a1ab7dd3a3a421d2f23f1.tar.gz vyatta-cfg-quagga-c3cf64a0273fd728d07a1ab7dd3a3a421d2f23f1.zip |
fix for bug 2541--requires saving temporary file, plus script to walk tree and redefined nodes. a bit of a
pain.
-rw-r--r-- | Makefile.am | 1 | ||||
-rw-r--r-- | scripts/vyatta-policy-action-verify.pl | 62 | ||||
-rw-r--r-- | templates/policy/route-map/node.def | 1 | ||||
-rw-r--r-- | templates/policy/route-map/node.tag/rule/node.def | 4 | ||||
-rw-r--r-- | templates/policy/route-map/node.tag/rule/node.tag/action/node.def | 4 |
5 files changed, 70 insertions, 2 deletions
diff --git a/Makefile.am b/Makefile.am index 154565fc..3f4f0328 100644 --- a/Makefile.am +++ b/Makefile.am @@ -6,6 +6,7 @@ sbin_SCRIPTS += scripts/vyatta_quagga_utils.pl sbin_SCRIPTS += scripts/policy/vyatta-check-as-prepend.pl sbin_SCRIPTS += scripts/vyatta-vtysh.pl sbin_SCRIPTS += scripts/vyatta-linkstatus.pl +sbin_SCRIPTS += scripts/vyatta-policy-action-verify.pl cpiop = find . ! -regex '\(.*~\|.*\.bak\|.*\.swp\|.*\#.*\#\)' -print0 | \ cpio -0pd diff --git a/scripts/vyatta-policy-action-verify.pl b/scripts/vyatta-policy-action-verify.pl new file mode 100644 index 00000000..2b656dcd --- /dev/null +++ b/scripts/vyatta-policy-action-verify.pl @@ -0,0 +1,62 @@ +#!/usr/bin/perl -w +# +# Module: vyatta-wanloadbalance.pl +# +# **** License **** +# Version: VPL 1.0 +# +# The contents of this file are subject to the Vyatta Public License +# Version 1.0 ("License"); you may not use this file except in +# compliance with the License. You may obtain a copy of the License at +# http://www.vyatta.com/vpl +# +# Software distributed under the License is distributed on an "AS IS" +# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See +# the License for the specific language governing rights and limitations +# under the License. +# +# This code was originally developed by Vyatta, Inc. +# Portions created by Vyatta are Copyright (C) 2008 Vyatta, Inc. +# All Rights Reserved. +# +# Author: Michael Larson +# Date: January 2008 +# Description: Writes exclusion list for linkstatus +# +# **** End License **** +# +use lib "/opt/vyatta/share/perl5/"; +use VyattaConfig; +use VyattaMisc; + +use warnings; +use strict; +use POSIX; +use File::Copy; + +#solution: put a commit statement in the rule node that does the action test and squirt out delete hook in rule node on a delete. + +my $route_map = shift; +my $rule = shift; +my $action = shift; + +if (!defined($rule) || !defined($route_map)) { + exit 1; +} + +my $config = new VyattaConfig; + +$config->setLevel('policy route-map $route_map rule $rule'); +if ($config->exists("action")) { + exit 0; +} +my @qualifiers = $config->listNodes(); +foreach my $qualifiers (@qualifiers) { + exit 1; #error! +} + +#need to get a count of what's left and if action is deleted, but other nodes are present then reject + +if (-e "/tmp/delete-policy-route-map-$route_map-rule-$rule") { + system "/opt/vyatta/sbin/vyatta-vtysh.pl -c \"configure terminal\" -c \"no route-map $route_map $action $rule\""; +} diff --git a/templates/policy/route-map/node.def b/templates/policy/route-map/node.def index 0a7c2841..dfdc6494 100644 --- a/templates/policy/route-map/node.def +++ b/templates/policy/route-map/node.def @@ -2,4 +2,3 @@ tag: type: txt help: Create route-map or enter route-map command mode syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "route-map $VAR(@): name must be alpha-numeric" -delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -n -c \"configure terminal\" -c \"no route-map $VAR(@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.def b/templates/policy/route-map/node.tag/rule/node.def index ccfad3ad..c3079f54 100644 --- a/templates/policy/route-map/node.tag/rule/node.def +++ b/templates/policy/route-map/node.tag/rule/node.def @@ -2,3 +2,7 @@ tag: type: u32 help: Specify route-map rule number syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "route-map $VAR(../@): rule number $VAR(@) must be between 1 and 65535" +end:expression: "if [ -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ]; then \ + ${vyatta_sbindir}/vyatta-policy-action-verify.pl $VAR(../@) $VAR(@) $( cat /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ); \ + fi" + diff --git a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def index e06322dd..83e092e8 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def @@ -2,4 +2,6 @@ type: txt help: Action to take on prefixes matching this rule syntax:expression: $VAR(@) in "permit", "deny"; "route-map $VAR(../../@) $VAR(@) $VAR(../@) action: must be permit or deny" update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"route-map $VAR(../../@) $VAR(@) $VAR(../@)\" " -delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"no route-map $VAR(../../@) $VAR(@) $VAR(../@)\" " +update:expression: exec "sudo rm -f /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@) 2>/dev/null" +delete:expression: exec "sudo echo $VAR(@) > /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@)" + |