diff options
author | Robert Bays <rbays@moresby.vyatta.com> | 2008-03-10 23:11:17 -0700 |
---|---|---|
committer | Robert Bays <rbays@moresby.vyatta.com> | 2008-03-10 23:11:17 -0700 |
commit | 456422fdc7c0cbe84ab837cba8f47270c0e75ad5 (patch) | |
tree | adb31916939cfc8556421d58275da68dc2ccdb6d | |
parent | 0797f7cd410ac7a3a5e2f9f28be90d5eb0e31366 (diff) | |
download | vyatta-cfg-quagga-456422fdc7c0cbe84ab837cba8f47270c0e75ad5.tar.gz vyatta-cfg-quagga-456422fdc7c0cbe84ab837cba8f47270c0e75ad5.zip |
fix for bugs 2541, 2888, 2676
5 files changed, 38 insertions, 7 deletions
diff --git a/scripts/policy/vyatta-policy.pl b/scripts/policy/vyatta-policy.pl index 51aa163a..b47d9c96 100755 --- a/scripts/policy/vyatta-policy.pl +++ b/scripts/policy/vyatta-policy.pl @@ -9,12 +9,14 @@ GetOptions("update-access-list=s" => \$accesslist, "update-aspath-list=s" => \$aspathlist, "update-community-list=s" => \$communitylist, "check-peer-syntax=s" => \$peer, + "check-routemap-action=s" => \$routemap, ); if (defined $accesslist) { update_access_list($accesslist); } if (defined $aspathlist) { update_as_path($aspathlist); } if (defined $communitylist) { update_community_list($communitylist); } if (defined $peer) { check_peer_syntax($peer); } +if (defined $routemap) { check_routemap_action($routemap); } exit 0; @@ -209,3 +211,25 @@ sub update_access_list() { exit 0; } +## check_routemap_action +# check if the action has been changed since the last commit. +# we need to do this because quagga will wipe the entire config if +# the action is changed. +# $1 = policy route-map <name> rule <num> +sub check_routemap_action() { + my $routemap = shift; + my $config = new VyattaConfig; + + my $action = $config->setLevel("$routemap"); + my $origvalue = $config->returnOrigValue(); + if ($origvalue) { + my $value = $config->returnValue(); + if ("$value" ne "$origvalue") { + print "You can not change the action for $routemap.\n"; + print "To change the action you must first delete the rule and commit it.\n\n"; + exit 1; + } + } + + exit 0; +} diff --git a/templates/policy/route-map/node.tag/rule/node.def b/templates/policy/route-map/node.tag/rule/node.def index c3079f54..7b96dd0d 100644 --- a/templates/policy/route-map/node.tag/rule/node.def +++ b/templates/policy/route-map/node.tag/rule/node.def @@ -2,7 +2,8 @@ tag: type: u32 help: Specify route-map rule number syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "route-map $VAR(../@): rule number $VAR(@) must be between 1 and 65535" -end:expression: "if [ -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ]; then \ - ${vyatta_sbindir}/vyatta-policy-action-verify.pl $VAR(../@) $VAR(@) $( cat /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ); \ - fi" - +delete:expression: "if [ -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ]; then \ + ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ + -c \"no route-map $VAR(../@) $VAR(./@/action/@) $VAR(@)\"; \ + rm -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@); \ + fi" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def index 83e092e8..1fcc4a8c 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def @@ -1,7 +1,11 @@ type: txt help: Action to take on prefixes matching this rule syntax:expression: $VAR(@) in "permit", "deny"; "route-map $VAR(../../@) $VAR(@) $VAR(../@) action: must be permit or deny" -update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"route-map $VAR(../../@) $VAR(@) $VAR(../@)\" " -update:expression: exec "sudo rm -f /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@) 2>/dev/null" +update:expression: "/opt/vyatta/sbin/vyatta-policy.pl --check-routemap-action \"policy route-map $VAR(../../@) rule $VAR(../@) action\"; \ + if [ \"$?\" -eq \"0\" ]; then \ + ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"route-map $VAR(../../@) $VAR(@) $VAR(../@)\"; \ + else \ + exit 1; \ + fi ; " delete:expression: exec "sudo echo $VAR(@) > /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@)" - +# note: delete is handled by parent 'rule' node because the action is required for a route-map in quagga diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def index 29298fac..e7ff7a0f 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def @@ -1,5 +1,6 @@ help: Match BGP community list delete:expression: "touch /tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-match-community.$PPID" +## this will always return exact-match pending bug 2525 being fixed end:expression: "if [ -z \"$VAR(./community-list/)\" ]; then \ echo You must configure a community-list ; \ exit 1 ; \ diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def index f1e98001..0dea5ab1 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def @@ -1,5 +1,6 @@ help: Set BGP community list delete:expression: "touch /tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-set-comm-list.$PPID" +## this will always return delete pending bug 2525 being fixed end:expression: "if [ -z \"$VAR(./comm-list/)\" ]; then \ echo You must configure a comm-list ; \ exit 1 ; \ |